Tutorial

Environment Variables Explained

Env vars keep secrets out of your code and let you configure apps per environment (dev, staging, prod).

The .env File

# .env (never commit this)
DATABASE_URL=postgres://localhost:5432/mydb
API_SECRET=sk_live_abc123

# .env.example (commit this)
DATABASE_URL=
API_SECRET=

Next.js Convention

  • NEXT_PUBLIC_* - exposed to the browser
  • Everything else - server-only

Common Mistakes

  • Committing .env to git
  • Forgetting to set vars in production dashboard
  • Putting secrets in NEXT_PUBLIC_ variables