mirror of
https://github.com/stack-auth/stack.git
synced 2026-06-30 21:01:54 +08:00
Renames every STACK_*-prefixed variable (including NEXT_PUBLIC_STACK_*) to HEXCLAVE_* across all checked-in .env, .env.development, and .env.example files, completing the env-var side of the Hexclave rebrand. Legacy STACK_* names keep working everywhere so existing deployments, .env.local files, and self-hosted setups don't need immediate migration: - getEnvVariable already prefers HEXCLAVE_* with STACK_* fallback; fix it to treat empty-string values as unset so the empty HEXCLAVE_* placeholders in the checked-in templates can't shadow a real value under the legacy name. - Apply the same empty-as-unset rule (|| instead of ??) to all literal process.env dual-reads (dashboard inline env, docs, examples, CLI) and to the generated SDK env getter chains via packages/template generate-env.ts. - Add explicit HEXCLAVE_* || STACK_* dual-reads to direct process.env readers fed by the renamed files: prisma seed, e2e tests/helpers, internal-tool scripts and app, demo/convex examples. - docker/server/entrypoint.sh: add a generic two-way HEXCLAVE_/STACK_ env mirror (run at startup and again before sentinel replacement), replacing the previous URL-trio-only mirror; accept legacy NEXT_PUBLIC_STACK_PORT_PREFIX; rotate-secrets.sh falls back to HEXCLAVE_DATABASE_CONNECTION_STRING. - e2e cross-domain-auth and the internal-feedback-emails in-source test now override the canonical HEXCLAVE_* names (the legacy override would be shadowed by the renamed env files). - docs/code-examples snippets renamed outright to the canonical names.
43 lines
2.2 KiB
Bash
43 lines
2.2 KiB
Bash
NEXT_PUBLIC_HEXCLAVE_API_URL=# https://your-backend-domain.com
|
|
NEXT_PUBLIC_HEXCLAVE_DASHBOARD_URL=# https://your-dashboard-domain.com, this will be added as a trusted domain by the seed script
|
|
|
|
HEXCLAVE_DATABASE_CONNECTION_STRING=# postgres connection string
|
|
|
|
HEXCLAVE_SERVER_SECRET=# a 32 bytes base64url encoded random string, used for JWT encryption. can be generated with `pnpm generate-keys`
|
|
|
|
# seed script settings
|
|
HEXCLAVE_SEED_INTERNAL_PROJECT_SIGN_UP_ENABLED=# true to enable user sign up to the dashboard when seeding
|
|
HEXCLAVE_SEED_INTERNAL_PROJECT_OTP_ENABLED=# true to add OTP auth to the dashboard when seeding
|
|
HEXCLAVE_SEED_INTERNAL_PROJECT_ALLOW_LOCALHOST=# true to allow running dashboard on the localhost, set this to true only in development
|
|
HEXCLAVE_SEED_INTERNAL_PROJECT_OAUTH_PROVIDERS=# list of oauth providers to add to the dashboard when seeding, separated by comma, for example "github,google,facebook"
|
|
HEXCLAVE_SEED_INTERNAL_PROJECT_USER_EMAIL=# default user added to the dashboard
|
|
HEXCLAVE_SEED_INTERNAL_PROJECT_USER_PASSWORD=# default user's password, paired with HEXCLAVE_SEED_INTERNAL_PROJECT_USER_EMAIL
|
|
HEXCLAVE_SEED_INTERNAL_PROJECT_USER_INTERNAL_ACCESS=# if the default user has access to the internal dashboard project
|
|
HEXCLAVE_SEED_INTERNAL_PROJECT_USER_GITHUB_ID=# add github oauth id to the default user
|
|
|
|
# Set these if you want to use any email functionality
|
|
HEXCLAVE_EMAILABLE_API_KEY=disable_email_validation
|
|
HEXCLAVE_EMAIL_HOST=
|
|
HEXCLAVE_EMAIL_PORT=
|
|
HEXCLAVE_EMAIL_USERNAME=
|
|
HEXCLAVE_EMAIL_PASSWORD=
|
|
HEXCLAVE_EMAIL_SENDER=
|
|
|
|
# Set these if you want to use webhooks
|
|
HEXCLAVE_SVIX_SERVER_URL=# this is only needed if you self-host the Svix service
|
|
NEXT_PUBLIC_HEXCLAVE_SVIX_SERVER_URL=# this is only needed if you are using docker compose and the external and internal urls are different. This is the external url for the Svix service.
|
|
HEXCLAVE_SVIX_API_KEY=
|
|
|
|
HEXCLAVE_OPENROUTER_API_KEY=# enter your OpenRouter API key for AI features
|
|
|
|
HEXCLAVE_SKIP_SEED_SCRIPT=# true to skip the seed script
|
|
|
|
HEXCLAVE_S3_ENDPOINT=
|
|
HEXCLAVE_S3_REGION=
|
|
HEXCLAVE_S3_ACCESS_KEY_ID=
|
|
HEXCLAVE_S3_SECRET_ACCESS_KEY=
|
|
HEXCLAVE_S3_BUCKET=
|
|
HEXCLAVE_S3_PRIVATE_BUCKET=
|
|
|
|
HEXCLAVE_FREESTYLE_API_KEY=# enter your freestyle.sh api key
|