Week 1 Task 5: Create comprehensive .env.example with detailed documentation

NodeDiver · claude · NodeDiver · commit bff487e23cfd · 2025-10-07T08:10:14.000-03:00
- Add complete environment variable documentation - Include setup instructions and getting started guide - Document all service integrations (Neon, Resend, Upstash, Sentry, Netlify) - Add setup checklist for required vs optional variables - Include generation commands for secrets - Add helpful comments for each section - Reference SETUP_INSTRUCTIONS.md for deployment 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
diff --git a/.env.example b/.env.example
@@ -1,25 +1,104 @@
-# Database Configuration
-# For local development with SQLite:
-DATABASE_URL="file:./dev.db"
+# ===================================
+# CommFlock Environment Configuration
+# ===================================
+# Copy this file to .env and fill in your values
+# NEVER commit .env to version control!
 
-# For PostgreSQL (local or Neon):
-# DATABASE_URL="postgresql://user:password@host:5432/database?sslmode=require"
-# DIRECT_URL="postgresql://user:password@host:5432/database?sslmode=require"
+# ===================================
+# DATABASE
+# ===================================
+# Neon PostgreSQL (Production recommended)
+# Get your connection string from: https://console.neon.tech
+DATABASE_URL="postgresql://user:password@ep-xxx.us-east-2.aws.neon.tech/neondb?sslmode=require"
+DIRECT_URL="postgresql://user:password@ep-xxx.us-east-2.aws.neon.tech/neondb?sslmode=require"
 
-# Authentication
+# OR use SQLite for local development (not for production)
+# DATABASE_URL="file:./dev.db"
+
+# ===================================
+# AUTHENTICATION (NextAuth.js)
+# ===================================
+# Your app's base URL
+# Production: https://yourapp.com
+# Development: http://localhost:3000
 NEXTAUTH_URL="http://localhost:3000"
-NEXTAUTH_SECRET="your-secret-key-here"  # Generate with: openssl rand -base64 32
 
-# Email Service (Resend)
+# Secret key for JWT signing and encryption
+# Generate a secure key: openssl rand -base64 32
+# IMPORTANT: Keep this secret and unique per environment
+NEXTAUTH_SECRET="your-secret-key-minimum-32-characters-long"
+
+# ===================================
+# EMAIL SERVICE (Resend)
+# ===================================
+# Used for password reset emails
+# Sign up at: https://resend.com
+# Get your API key from: https://resend.com/api-keys
+# NOTE: If not configured, reset links will be logged to console (dev only)
 RESEND_API_KEY="re_xxxxxxxxxxxxx"
 
-# Rate Limiting (Upstash Redis) - Optional in development
-# UPSTASH_REDIS_REST_URL="https://xxxxx.upstash.io"
-# UPSTASH_REDIS_REST_TOKEN="xxxxxxxxxxxxx"
+# ===================================
+# RATE LIMITING (Upstash Redis)
+# ===================================
+# Optional: Protects against abuse and DDoS
+# Sign up at: https://console.upstash.com
+# Get credentials from: Redis > Details
+# If not configured, rate limiting is disabled (NOT recommended for production)
+UPSTASH_REDIS_REST_URL="https://xxxxx.upstash.io"
+UPSTASH_REDIS_REST_TOKEN="xxxxxxxxxxxxx"
 
-# Error Monitoring (Sentry) - Optional
+# ===================================
+# ERROR MONITORING (Sentry)
+# ===================================
+# Optional: Track errors and performance in production
+# Sign up at: https://sentry.io
+# Get your DSN from: Settings > Projects > [Your Project] > Client Keys
 # NEXT_PUBLIC_SENTRY_DSN="https://xxxxx@xxxxx.ingest.sentry.io/xxxxx"
+# SENTRY_AUTH_TOKEN="xxxxxxxxxxxxx"
+# SENTRY_ORG="your-org"
+# SENTRY_PROJECT="commflock"
 
-# Deployment (Netlify)
+# ===================================
+# DEPLOYMENT (Netlify)
+# ===================================
+# Only needed for automated deployments
+# Get from: https://app.netlify.com/user/applications
 # NETLIFY_AUTH_TOKEN="xxxxxxxxxxxxx"
 # NETLIFY_SITE_ID="xxxxxxxxxxxxx"
+
+# ===================================
+# DEVELOPMENT TOOLS
+# ===================================
+# Enable Prisma query logging (useful for debugging)
+# DEBUG="prisma:query"
+
+# Node environment (auto-set by most platforms)
+# NODE_ENV="development" # or "production"
+
+# ===================================
+# SETUP CHECKLIST
+# ===================================
+# Required for all environments:
+# ✓ DATABASE_URL
+# ✓ NEXTAUTH_URL
+# ✓ NEXTAUTH_SECRET
+#
+# Recommended for production:
+# ✓ RESEND_API_KEY (for email)
+# ✓ UPSTASH_REDIS_REST_URL + TOKEN (for rate limiting)
+#
+# Optional:
+# ○ SENTRY_DSN (error monitoring)
+# ○ NETLIFY tokens (automated deployment)
+
+# ===================================
+# GETTING STARTED
+# ===================================
+# 1. Copy this file: cp .env.example .env
+# 2. Fill in required values (see checklist above)
+# 3. Generate NEXTAUTH_SECRET: openssl rand -base64 32
+# 4. Run database migrations: npx prisma migrate dev
+# 5. Seed initial data: npx prisma db seed
+# 6. Start dev server: npm run dev
+#
+# For production deployment guide, see: SETUP_INSTRUCTIONS.md
