Configuration
Two Layers of Configuration
ShipAny Next keeps the env file minimal by design:
- Environment variables — only what's needed to boot (app URL/name, database, auth secret).
- Admin Settings — provider credentials (payments, OAuth, email, storage, AI, analytics) are configured in admin panel → Settings and stored in the
configtable, encrypted whenCONFIG_ENCRYPTION_KEYis set.
Env vars with matching names still work as fallbacks — database values take precedence.
Required Variables
NEXT_PUBLIC_APP_URL=http://localhost:3000
NEXT_PUBLIC_APP_NAME=My App
DATABASE_PROVIDER=sqlite
DATABASE_URL=file:data/local.db
# Generate with: openssl rand -base64 32
AUTH_SECRET=In production a placeholder
AUTH_SECRETis rejected at runtime — always generate a real one.
Optional Variables
# App branding (defaults exist in src/config/index.ts)
NEXT_PUBLIC_APP_DESCRIPTION=Ship your SaaS faster
NEXT_PUBLIC_APP_LOGO=/logo.png
NEXT_PUBLIC_DEFAULT_LOCALE=en
# Encrypts secrets saved via admin Settings (AES-256-GCM).
# Once set, keep it stable — rotating it orphans encrypted values.
CONFIG_ENCRYPTION_KEY=
# Database (advanced / non-sqlite)
# DATABASE_AUTH_TOKEN= # Turso auth token
# DB_SCHEMA=public # Postgres schema
# DB_SINGLETON_ENABLED=false # reuse a single connection (serverless)
# DB_MAX_CONNECTIONS=1
# Auth (defaults to NEXT_PUBLIC_APP_URL)
# AUTH_URL=http://localhost:3000Env Loading Order
Loaded by src/lib/env.ts (used by next dev and the db:* / rbac:* scripts):
.env.{NODE_ENV}.local > .env.{NODE_ENV} > .env.local > .envSo in development, put your values in .env.development.
Admin Settings
Sign in with an admin account and open /admin/settings. Settings cover:
- Auth — email auth toggle, email verification, Google/GitHub OAuth credentials, Google One Tap
- Payment — Stripe / PayPal / Alipay / WeChat Pay credentials
- Email — Resend API key and sender address
- Credits — initial credits on signup (enabled / amount / valid days)
All values are stored in the config table and override the corresponding env vars at runtime.