logoNestSaaS
Documentation

Environment Setup

NestSaaS Environment Configuration Guide

This document provides a comprehensive guide to configuring environment variables for your NestSaaS application.

Application Configuration

NEXT_PUBLIC_APP_URL=http://localhost:3000
  • NEXT_PUBLIC_APP_URL: The base URL of your application without a trailing slash. Used for generating absolute URLs throughout the application.
    • Development: http://localhost:3000
    • Production: Your domain (e.g., https://yourdomain.com)

Authentication (NextAuth.js)

AUTH_SECRET=
# AUTH_TRUST_HOST=true
 
GOOGLE_CLIENT_ID=
GOOGLE_CLIENT_SECRET=
 
GITHUB_CLIENT_ID=
GITHUB_CLIENT_SECRET=
  • AUTH_SECRET: A random string used to hash tokens, sign cookies and generate cryptographic keys. Generate a secure string (e.g., using openssl rand -base64 32).
  • AUTH_TRUST_HOST: Set to true when deploying behind a reverse proxy to trust the X-Forwarded-Host header.
  • GOOGLE_CLIENT_ID and GOOGLE_CLIENT_SECRET: Credentials for Google OAuth authentication. Obtain from the Google Cloud Console.
  • GITHUB_CLIENT_ID and GITHUB_CLIENT_SECRET: Credentials for GitHub OAuth authentication. Obtain from GitHub Developer Settings.

Database (Neon PostgreSQL)

DATABASE_URL='postgres://[user]:[password]@[neon_hostname]/[dbname]?sslmode=require'
  • DATABASE_URL: Connection string for your PostgreSQL database hosted on Neon. Replace the placeholders with your actual credentials.

Email (Resend)

RESEND_API_KEY=
EMAIL_FROM="NestSaaS <support@nestsaas.com>"
  • RESEND_API_KEY: API key for the Resend email service. Obtain from Resend Dashboard.
  • EMAIL_FROM: The sender email address and name displayed in sent emails. Format as "Name <email@domain.com>".

Subscriptions (Stripe)

STRIPE_API_KEY=
STRIPE_WEBHOOK_SECRET=
 
NEXT_PUBLIC_STRIPE_PRO_MONTHLY_PLAN_ID=
NEXT_PUBLIC_STRIPE_PRO_YEARLY_PLAN_ID=
 
NEXT_PUBLIC_STRIPE_BUSINESS_MONTHLY_PLAN_ID=
NEXT_PUBLIC_STRIPE_BUSINESS_YEARLY_PLAN_ID=
  • STRIPE_API_KEY: Your Stripe secret key for server-side operations. Obtain from the Stripe Dashboard.
  • STRIPE_WEBHOOK_SECRET: Secret for verifying Stripe webhook events. Generate in the Stripe Dashboard.
  • NEXT_PUBLIC_STRIPE_*_PLAN_ID: IDs for your subscription plans in Stripe. These are used to identify specific pricing plans in your frontend code.

GitHub Integration

GITHUB_PERSONAL_TOKEN=
  • GITHUB_PERSONAL_TOKEN: Personal access token for GitHub API operations, used to automatically invite collaborators after purchase. Create in GitHub Settings.

AWS S3 Storage (Optional)

MEDIA_STORAGE_PROVIDER=S3
AWS_REGION=
AWS_S3_BUCKET=
AWS_ACCESS_KEY_ID=
AWS_SECRET_ACCESS_KEY=
CLOUDFRONT_DOMAIN=
  • MEDIA_STORAGE_PROVIDER: Set to S3 to enable AWS S3 storage for media files.
  • AWS_REGION: The AWS region where your S3 bucket is located (e.g., us-east-1).
  • AWS_S3_BUCKET: The name of your S3 bucket for storing media files.
  • AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY: AWS credentials with permissions to access the S3 bucket.
  • CLOUDFRONT_DOMAIN: If using CloudFront CDN, specify the domain here.

Cloudflare R2 Storage (Optional)

MEDIA_STORAGE_PROVIDER=R2
AWS_REGION=auto
AWS_S3_BUCKET=
AWS_ACCESS_KEY_ID=
AWS_SECRET_ACCESS_KEY=
CLOUDFRONT_DOMAIN=
R2_ENDPOINT=https://[YOUR-ACCOUNT-ID].r2.cloudflarestorage.com
  • MEDIA_STORAGE_PROVIDER: Set to R2 to enable Cloudflare R2 storage for media files.
  • AWS_REGION: The AWS region where your R2 bucket is located. just set to auto
  • AWS_S3_BUCKET: The name of your R2 bucket for storing media files.
  • AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY: Cloudflare R2 credentials with permissions to access the Cloudflare R2 bucket.
  • R2_ENDPOINT: Specify the endpoint URL, recommand to use customize domain to allow public access.

Analytics (PostHog)

NEXT_PUBLIC_POSTHOG_KEY=phc_GX5eb21l3rIfBFM5MwpDCK9TXb3Y5EsgqSkf6A41pa3
NEXT_PUBLIC_POSTHOG_HOST=https://us.i.posthog.com
  • NEXT_PUBLIC_POSTHOG_KEY: Your PostHog API key for analytics tracking.
  • NEXT_PUBLIC_POSTHOG_HOST: The PostHog instance host URL.

Setting Up Your Environment

  1. Copy the .env.example file to a new file named .env:

    cp .env.example .env

  2. Fill in the values in the .env file with your actual credentials and configuration.

  3. Restart your development server to apply the changes:

    pnpm dev

Security Considerations

  • Never commit your .env file to version control
  • Rotate your API keys and secrets periodically
  • Use different API keys for development and production environments
  • Consider using a secrets manager for production deployments

Submission System

Understanding the content submission and moderation system in NestSaaS

Configuration

Detailed configuration options for your NestSaaS installation

On this page