
Overview

Studley AI requires several environment variables to function properly. This guide covers all required and optional variables for deployment.

Required Variables

Database Configuration

DATABASE_URL (string, required)
PostgreSQL database connection string. Used for primary data storage.
Format: postgresql://user:password@host:port/database
Example:
DATABASE_URL="postgresql://user:pass@localhost:5432/studley"

SUPABASE_POSTGRES_URL (string, required)
Supabase PostgreSQL connection URL for auth and database operations.
Example:
SUPABASE_POSTGRES_URL="postgresql://postgres:[password]@db.xxx.supabase.co:5432/postgres"

Supabase Authentication

NEXT_PUBLIC_SUPABASE_URL (string, required)
Your Supabase project URL. Found in Supabase project settings.
Example:
NEXT_PUBLIC_SUPABASE_URL="https://xxxxx.supabase.co"

NEXT_PUBLIC_SUPABASE_ANON_KEY (string, required)
Supabase anonymous/public key for client-side operations.
Example:
NEXT_PUBLIC_SUPABASE_ANON_KEY="eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."

SUPABASE_SERVICE_ROLE_KEY (string, required)
Supabase service role key for server-side admin operations.
Warning: Keep this secret! Never expose it in client-side code.
Example:
SUPABASE_SERVICE_ROLE_KEY="eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."

AI Configuration

GROQ_API_KEY (string, required)
Groq API key for AI-powered features (quiz generation, flashcards, study guides).
Get your API key from: https://console.groq.com
Example:
GROQ_API_KEY="gsk_xxxxxxxxxxxxxxxxxxxxx"

Session Security

SESSION_SECRET (string, required)
Secret key for signing JWT session tokens. Must be a strong random string.
Generate with:
openssl rand -base64 32
Example:
SESSION_SECRET="your-super-secret-key-change-in-production"

Application URL

NEXT_PUBLIC_APP_URL (string, required)
The public URL of your application. Used for OAuth redirects and email links.
Development:
NEXT_PUBLIC_APP_URL="http://localhost:3000"
Production:
NEXT_PUBLIC_APP_URL="https://yourdomain.com"

Optional Variables

File Storage

BLOB_READ_WRITE_TOKEN (string)
Vercel Blob storage token for file uploads. Automatically set by Vercel if using Vercel Blob.
Example:
BLOB_READ_WRITE_TOKEN="vercel_blob_rw_xxxxxxxxxxxxx"

Email Service

RESEND_API_KEY (string)
Resend API key for transactional emails (verification, notifications).
Get your API key from: https://resend.com
Example:
RESEND_API_KEY="re_xxxxxxxxxxxxxxxxxxxxx"

Bot Protection

TURNSTILE_SECRET_KEY (string)
Cloudflare Turnstile secret key for bot protection on forms.
Example:
TURNSTILE_SECRET_KEY="0x4AAAAAAAxxxxxxxxxxxxxxxxxx"

Clever Integration (Education)

CLEVER_CLIENT_ID (string)
Clever OAuth client ID for education platform integration.
Example:
CLEVER_CLIENT_ID="xxxxxxxxxxxxx"

CLEVER_CLIENT_SECRET (string)
Clever OAuth client secret.
Example:
CLEVER_CLIENT_SECRET="xxxxxxxxxxxxxxxxxxxxx"

Runtime Environment

NODE_ENV (string)
Node environment. Automatically set by most hosting providers.
Values: development, production, test
Example:
NODE_ENV="production"

VERCEL_URL (string)
Automatically set by Vercel. The deployment URL.
Note: Do not set manually. Vercel provides this automatically.

Environment File Setup

1. Create .env.local file

Create a .env.local file in your project root:
touch .env.local

2. Add required variables

Copy and configure all required variables:
.env.local
# Database
DATABASE_URL="postgresql://user:password@host:5432/studley"
SUPABASE_POSTGRES_URL="postgresql://postgres:[password]@db.xxx.supabase.co:5432/postgres"

# Supabase
NEXT_PUBLIC_SUPABASE_URL="https://xxxxx.supabase.co"
NEXT_PUBLIC_SUPABASE_ANON_KEY="your-anon-key"
SUPABASE_SERVICE_ROLE_KEY="your-service-role-key"

# AI
GROQ_API_KEY="gsk_xxxxxxxxxxxxxxxxxxxxx"

# Security
SESSION_SECRET="your-super-secret-key-change-in-production"

# Application
NEXT_PUBLIC_APP_URL="http://localhost:3000"

# Optional: File Storage
BLOB_READ_WRITE_TOKEN="vercel_blob_rw_xxxxxxxxxxxxx"

# Optional: Email
RESEND_API_KEY="re_xxxxxxxxxxxxxxxxxxxxx"

# Optional: Bot Protection
TURNSTILE_SECRET_KEY="0x4AAAAAAAxxxxxxxxxxxxxxxxxx"

3. Add to .gitignore

Ensure .env.local is in your .gitignore:
echo ".env.local" >> .gitignore

Validation

Verify your environment variables are loaded correctly:
npm run dev
Check the console for any missing required variables. The application will log warnings for missing configurations.
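
One way to make this check explicit before a deploy, as an added example (not Studley AI's own code): the hypothetical auditEnv function below reports missing required variables, the placeholder SESSION_SECRET from this guide, and a service-role key that has ended up in a NEXT_PUBLIC_ variable. The 32-byte threshold, the https rule and the JWT `role` claim check are assumptions of this example.

```javascript
// Added example: audits an env object for the variables this page documents.
const REQUIRED = [
  "DATABASE_URL", "SUPABASE_POSTGRES_URL", "NEXT_PUBLIC_SUPABASE_URL",
  "NEXT_PUBLIC_SUPABASE_ANON_KEY", "SUPABASE_SERVICE_ROLE_KEY",
  "GROQ_API_KEY", "SESSION_SECRET", "NEXT_PUBLIC_APP_URL",
];
// Placeholder shown in this guide; it must never reach a deployment.
const PLACEHOLDER_SECRET = "your-super-secret-key-change-in-production";
// Assumption: Supabase keys are JWTs carrying a `role` claim.
// Returns that claim, or null when the value is not a parseable JWT.
function jwtRole(value) {
  const parts = String(value || "").split(".");
  if (parts.length !== 3) return null;
  try {
    const payload = Buffer.from(parts[1], "base64url").toString("utf8");
    return JSON.parse(payload).role ?? null;
  } catch {
    return null;
  }
}

function auditEnv(env) {
  const findings = [];
  for (const name of REQUIRED) {
    if (!env[name]) findings.push(`missing: ${name}`);
  }
  const secret = env.SESSION_SECRET || "";
  if (secret === PLACEHOLDER_SECRET) {
    findings.push("SESSION_SECRET is the documentation placeholder");
  } else if (secret && Buffer.from(secret, "base64").length < 32) {
    // Heuristic: `openssl rand -base64 32` output decodes to exactly 32 bytes.
    findings.push("SESSION_SECRET decodes to fewer than 32 bytes");
  }
  // Next.js inlines NEXT_PUBLIC_* values into the browser bundle.
  for (const [name, value] of Object.entries(env)) {
    if (!name.startsWith("NEXT_PUBLIC_") || !value) continue;
    if (value === env.SUPABASE_SERVICE_ROLE_KEY || jwtRole(value) === "service_role") {
      findings.push(`${name} exposes a service-role key to the client`);
    }
  }
  const appUrl = env.NEXT_PUBLIC_APP_URL || "";
  if (env.NODE_ENV === "production" && !appUrl.startsWith("https://")) {
    findings.push("NEXT_PUBLIC_APP_URL must use https in production");
  }
  return findings;
}
// Constructed sample: only the placeholder secret is set.
console.log(auditEnv({ SESSION_SECRET: PLACEHOLDER_SECRET }));
```

In a project this would be called with process.env at startup or in CI, failing the build when the returned list is non-empty.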

Security Best Practices

  • Always use .env.local for local development
  • Add all .env* files to .gitignore
  • Use environment variable management in production
  • Separate API keys for development, staging, and production
  • Rotate keys regularly
  • Revoke compromised keys immediately
  • Never expose SUPABASE_SERVICE_ROLE_KEY to the client
  • Only use it in server-side code and API routes
  • Store it securely in the production environment

Use cryptographically secure random strings for the session secret:
# Generate a secure session secret
openssl rand -base64 32

Next Steps

Database Setup

Configure PostgreSQL and run migrations

Authentication Setup

Configure Supabase auth providers

AI Configuration

Set up Groq AI models and limits

Vercel Deployment

Deploy to production on Vercel
