Skip to content

Configuration Guide

In this guide, we'll walk through configuring the Craft Your Startup Boilerplate for both local development and production environments. The project uses environment variables stored in .env files to manage settings like database credentials, API keys, and other configurations.

Table of Contents

  1. Environment Files
  2. Configuring Environment Variables
  3. Database Configuration
  4. OAuth and API Keys
  5. Mailchimp Integration
  6. Other Environment Variables
  7. Local vs Production Setup
  8. Best Practices for Managing Secrets

Environment Files

The project uses .env files to manage environment-specific configurations. The following files are typically used:

  • local.env: For local development.
  • prod.env: For the production environment.
  • local.env.example: An example file provided with default values. This file can be copied to create local.env and prod.env.

Setting Up .env Files

  1. Copy the example environment file to create your local.env for development:

    cp local.env.example local.env

  2. For production, create a prod.env:

    cp local.env.example prod.env

  3. Customize each file with your environment-specific values (e.g., API keys, database credentials).

Configuring Environment Variables

The .env files hold key-value pairs that configure the app’s behavior. Below is a breakdown of the key variables and how to configure them.

Database Configuration

You'll need to set up PostgreSQL database connection details for both local and production environments.

# Database configuration
db_username=craftyourstartup
db_password=craftyourstartup
db_host=localhost
db_port=54323
db_database=craftyourstartup
db_sslmode=require
  • db_username: The PostgreSQL username.
  • db_password: The PostgreSQL password.
  • db_host: The hostname where your database is running (usually localhost for development).
  • db_port: The port where the database is accessible (54323 in this example).
  • db_database: The name of the database.
  • db_sslmode: SSL mode for securing the database connection. Typically require in production.

OAuth and API Keys

The project integrates with third-party services like AWS and Google for OAuth. Make sure to configure these in your .env files.

# Google OAuth2 configuration
google_oauth2_client_id=xxx
google_oauth2_secret=xxx

# AWS S3 configuration
aws_access_key_id=xxx
aws_secret_access_key=xxx
  • google_oauth2_client_id: Your Google OAuth client ID.
  • google_oauth2_secret: Your Google OAuth client secret.
  • aws_access_key_id: AWS access key for interacting with AWS services (e.g., S3).
  • aws_secret_access_key: AWS secret key.

Mailchimp Integration

If you're using Mailchimp for transactional emails or email marketing, configure it with the following environment variable:

# Mailchimp API configuration
mailchimp_api_key=your-mailchimp-api-key
  • mailchimp_api_key: The Mailchimp API key, used for accessing Mailchimp services (e.g., email campaigns, transactional emails).

Make sure to securely store your Mailchimp API key to prevent unauthorized access.

Other Environment Variables

You may also have additional environment variables for other services and settings.

# Stripe API for payment processing
stripe_api_key=xxx
stripe_webhook_secret=xxx

# Front-end redirect after login
redirect_after_login=http://localhost:5173

# Support email for customer inquiries
[email protected]

# Environment (local, production, etc.)
env=local
  • stripe_api_key: API key for Stripe, used for managing payments and subscriptions.
  • stripe_webhook_secret: Webhook secret key for verifying Stripe payment notifications.
  • redirect_after_login: The URL users are redirected to after successful login (usually your React app).
  • support_email: The support email address for users to contact.
  • env: Specifies the environment (e.g., local, production).

Local vs Production Setup

Local Development

For local development, ensure your local.env is configured with local database credentials and appropriate development values:

db_host=localhost
db_port=54323
db_database=craftyourstartup

redirect_after_login=http://localhost:5173
support_email=support@localhost
env=local

Production Environment

In the production environment, you'll need to update the values to match your production infrastructure (e.g., cloud database credentials, production API keys).

db_host=prod-db-host
db_port=5432
db_database=prod-database
redirect_after_login=https://your-production-site.com
[email protected]
env=production

Make sure to secure your production environment and avoid exposing sensitive information like API keys or database credentials.

Best Practices for Managing Secrets

  1. Use .env Files in Development: Keep environment-specific configuration isolated in .env files, but never commit these files to version control. Add .env to your .gitignore.

  2. Use Secret Management in Production: For production, consider using secret management tools like:

    • AWS Secrets Manager
    • Google Secret Manager
    • Vault by HashiCorp

  3. Environment Variables in CI/CD: When deploying through a CI/CD pipeline, use your platform’s secret management to inject environment variables securely.

That's it for configuration! Make sure your environment files are properly set up before running the application, and follow best practices for managing secrets in production.