Configuration
Two Layers of Configuration
ShipAny TanStack keeps the env file minimal by design:
- Environment variables — only what's needed to boot (app URL/name, database, auth secret).
- Admin Settings — provider credentials (payments, OAuth, email, storage, AI, analytics) are configured in admin panel → Settings and stored in the
configtable, encrypted whenCONFIG_ENCRYPTION_KEYis set.
Env vars with matching names still work as fallbacks — database values take precedence.
Required Variables
VITE_APP_URL=http://localhost:3000
VITE_APP_NAME=My App
DATABASE_PROVIDER=sqlite
DATABASE_URL=file:data/local.db
# Generate with: openssl rand -base64 32
AUTH_SECRET=
VITE_*variables are exposed to the client by Vite (import.meta.env); unprefixed variables stay server-only (process.env).
Optional Variables
# App branding (defaults exist in src/config/index.ts)
VITE_APP_DESCRIPTION=Ship your SaaS faster
VITE_APP_LOGO=/logo.png
VITE_DEFAULT_LOCALE=en
# Encrypts secrets saved via admin Settings (AES-256-GCM).
# Once set, keep it stable — rotating it orphans encrypted values.
CONFIG_ENCRYPTION_KEY=
# Database (advanced / non-sqlite)
# DATABASE_AUTH_TOKEN= # Turso auth token
# DB_SCHEMA=public # Postgres schema
# DB_SINGLETON_ENABLED=false # reuse a single connection (serverless)
# DB_MAX_CONNECTIONS=1
# Auth (defaults to VITE_APP_URL)
# AUTH_URL=http://localhost:3000Env Loading Order
Loaded by src/lib/env.ts (used by pnpm dev and the db:* / rbac:* scripts):
.env.{NODE_ENV}.local > .env.{NODE_ENV} > .env.local > .envSo in development, put your values in .env.development.
Admin Settings
Sign in with an admin account and open /admin → Settings. Settings cover:
- Auth — email auth toggle, email verification, Google/GitHub OAuth credentials, Google One Tap
- Payment — Stripe / Creem / Alipay / WeChat Pay credentials
- Email — Resend API key and sender address
- Credits — initial credits on signup (enabled / amount / valid days)
All values are stored in the config table and override the corresponding env vars at runtime.