Development
How do you structure environment variables in a full-stack app?
Use a `.env` file per environment (`.env.local`, `.env.production`) with a `.env.example` checked into version control documenting every required variable. Prefix client-exposed variables (`NEXT_PUBLIC_`, `VITE_`) to distinguish them from server-only secrets. Load variables through your framework's built-in env handling and validate them at startup with a schema (zod, envalid).
Key Considerations
- Never commit `.env` files with real secrets — add them to `.gitignore` and use `.env.example` as the template
- Validate all environment variables at app startup so you fail fast with clear error messages, not cryptic runtime errors
- Use a secrets manager (Doppler, Infisical, AWS Secrets Manager) for team environments instead of sharing `.env` files over Slack
- Client-side variables are publicly visible in the browser bundle — never prefix API keys or database URLs with `NEXT_PUBLIC_`
- Document each variable's purpose, format, and where to obtain it in `.env.example` with comments
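
The startup validation and client-prefix rules above can be sketched without any dependency. This is an added example, not code from a framework or from zod/envalid; the variable names in `SCHEMA` are hypothetical, and the secret check is a name-based heuristic only.

```javascript
// Added example: hand-written stand-in for a zod/envalid schema.
// Variable names in SCHEMA are hypothetical; adapt them to your .env.example.
const CLIENT_PREFIXES = ["NEXT_PUBLIC_", "VITE_"];
const SECRET_HINT = /(SECRET|PASSWORD|TOKEN|PRIVATE|API_KEY|DATABASE_URL)/i;

// Returns a check that yields true, or an error string describing the problem.
function isUrl(protocols) {
  return (v) => {
    try { return protocols.includes(new URL(v).protocol) || `must use ${protocols.join(" or ")}`; }
    catch { return "must be a valid URL"; }
  };
}

const SCHEMA = {
  DATABASE_URL: { required: true, check: isUrl(["postgres:", "postgresql:"]) },
  SESSION_SECRET: { required: true, check: (v) => v.length >= 32 || "must be at least 32 characters" },
  PORT: { required: false, default: "3000",
          check: (v) => (/^\d+$/.test(v) && +v > 0 && +v < 65536) || "must be a port number" },
  NEXT_PUBLIC_API_BASE: { required: true, check: isUrl(["https:"]) },
};

function validateEnv(env, schema = SCHEMA) {
  const errors = [];
  const config = {};
  for (const [name, rule] of Object.entries(schema)) {
    const value = env[name] ?? rule.default;
    if (value === undefined || value === "") {
      if (rule.required) errors.push(`${name}: missing`);
      continue;
    }
    const result = rule.check(value);
    // Report the variable name and the rule, never the value itself.
    if (result !== true) errors.push(`${name}: ${result}`);
    else config[name] = value;
  }
  // Anything carrying a client prefix is inlined into the browser bundle.
  for (const name of Object.keys(env)) {
    const prefix = CLIENT_PREFIXES.find((p) => name.startsWith(p));
    if (prefix && SECRET_HINT.test(name.slice(prefix.length))) {
      errors.push(`${name}: looks like a secret but has a client-exposed prefix`);
    }
  }
  // Collect every problem before failing so one run shows the full list.
  if (errors.length) throw new Error("Invalid environment:\n  " + errors.join("\n  "));
  return Object.freeze(config);
}
// At the server entry point: const config = validateEnv(process.env);
```

Run it once at the server entry point and import the frozen `config` elsewhere instead of reading `process.env` directly.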