| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748 |
- # ─── Application ────────────────────────────────────────────────────
- # TMDB API (server-side only — never NEXT_PUBLIC_)
- TMDB_API_KEY=your_tmdb_api_key_here
- # Supabase (public — browser client)
- NEXT_PUBLIC_SUPABASE_URL=http://localhost:8000
- NEXT_PUBLIC_SUPABASE_ANON_KEY=your_anon_key_here
- # Supabase (server-side — internal Docker network)
- SUPABASE_INTERNAL_URL=http://supabase-kong:8000
- SUPABASE_SERVICE_ROLE_KEY=your_service_role_key_here
- # Master Admin
- MASTER_ADMIN_USERNAME=admin
- MASTER_ADMIN_TOTP_SECRET=your_base32_totp_secret_here
- # Session encryption (32+ characters)
- IRON_SESSION_SECRET=this_must_be_at_least_32_characters_long
- # Sentry (optional)
- NEXT_PUBLIC_SENTRY_DSN=
- # ─── Supabase Infrastructure ───────────────────────────────────────
- # IMPORTANT: Replace ALL defaults before first docker compose up.
- # ANON_KEY and SERVICE_ROLE_KEY must be regenerated from JWT_SECRET.
- JWT_SECRET=super-secret-jwt-token-with-at-least-32-characters-long
- POSTGRES_PASSWORD=your-super-secret-and-long-postgres-password
- ANON_KEY=your_anon_key_here
- SERVICE_ROLE_KEY=your_service_role_key_here
- # Studio credentials (dev only — Studio bound to 127.0.0.1)
- DASHBOARD_USERNAME=supabase
- DASHBOARD_PASSWORD=this_password_is_insecure_and_should_be_updated
- # Realtime secret (generate a 64+ char random string)
- REALTIME_SECRET_KEY_BASE=please-generate-a-64-char-secret-key-base-for-realtime-service!!
- # ─── Caddy / Domain ────────────────────────────────────────────────
- DOMAIN=localhost
- TLS_EMAIL=admin@example.com
- # ─── Postgres (optional overrides) ─────────────────────────────────
- POSTGRES_USER=supabase_admin
- POSTGRES_DB=supabase
- # Site URL (for GoTrue redirects)
- SITE_URL=http://localhost:3000
|