
Complete .env Setup for Next.js + Prisma + Stripe: Copy & Paste


Starting a new Next.js project with Prisma and Stripe? Here's every env var you need.

The .env file

# ===================
# Database (Prisma)
# ===================
DATABASE_URL="postgresql://postgres:postgres@localhost:5432/myapp?schema=public"
# For Prisma migrations in production:
DIRECT_URL="postgresql://postgres:postgres@localhost:5432/myapp?schema=public"

# ===================
# NextAuth.js
# ===================
NEXTAUTH_URL="http://localhost:3000"
NEXTAUTH_SECRET="run-this: openssl rand -base64 32"

# ===================
# Stripe
# ===================
STRIPE_SECRET_KEY="sk_test_..."
NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY="pk_test_..."
STRIPE_WEBHOOK_SECRET="whsec_..."

# ===================
# OAuth (if using social login)
# ===================
GITHUB_CLIENT_ID=""
GITHUB_CLIENT_SECRET=""
GOOGLE_CLIENT_ID=""
GOOGLE_CLIENT_SECRET=""

# ===================
# Email (optional)
# ===================
SMTP_HOST="smtp.resend.com"
SMTP_PORT="465"
SMTP_USER="resend"
SMTP_PASSWORD="re_..."
EMAIL_FROM="noreply@yourdomain.com"

# ===================
# App
# ===================
NEXT_PUBLIC_APP_URL="http://localhost:3000"
NODE_ENV="development"

The .env.example file

Copy the above but remove all values. Commit this to git so your team knows what's needed:

DATABASE_URL=
DIRECT_URL=
NEXTAUTH_URL=
NEXTAUTH_SECRET=
STRIPE_SECRET_KEY=
NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY=
STRIPE_WEBHOOK_SECRET=
GITHUB_CLIENT_ID=
GITHUB_CLIENT_SECRET=
GOOGLE_CLIENT_ID=
GOOGLE_CLIENT_SECRET=
NEXT_PUBLIC_APP_URL=
NODE_ENV=

The .gitignore lines

Make sure these are in your .gitignore:

.env
.env.local
.env.production

Never commit .env. Only commit .env.example.

How to generate secrets

# NextAuth secret
openssl rand -base64 32

# Or if you don't have openssl
node -e "console.log(require('crypto').randomBytes(32).toString('base64'))"

Accessing in code

// Server-side (API routes, server components)
const dbUrl = process.env.DATABASE_URL;
const stripeKey = process.env.STRIPE_SECRET_KEY;

// Client-side (only NEXT_PUBLIC_ vars)
const publishableKey = process.env.NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY;

Remember: only variables prefixed with NEXT_PUBLIC_ are exposed to the browser. Everything else stays server-side.

Production checklist

  • Replace all localhost URLs with production URLs
  • Generate a real NEXTAUTH_SECRET
  • Switch Stripe keys from sk_test_ to sk_live_
  • Set NODE_ENV=production
  • Set env vars in your hosting platform (Vercel, Railway, etc.); don't upload .env files
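
The checklist and the NEXT_PUBLIC_ rule above can be enforced in code. The following is an added example, not part of the original article or of Next.js, Prisma or Stripe; the function name checkEnv and its rule set are assumptions built from the variable names and key prefixes shown on this page.

```javascript
// Added example: validates an env object against the production checklist above.
// checkEnv and its rules are illustrative, not an API of Next.js, Prisma or Stripe.
const REQUIRED = [
  "DATABASE_URL", "NEXTAUTH_URL", "NEXTAUTH_SECRET",
  "STRIPE_SECRET_KEY", "NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY", "STRIPE_WEBHOOK_SECRET",
];
// Value prefixes from this page's .env that mark server-only secrets.
const SECRET_PREFIXES = ["sk_test_", "sk_live_", "whsec_", "re_"];

function checkEnv(env) {
  const problems = [];
  const isProd = env.NODE_ENV === "production";

  for (const name of REQUIRED) {
    if (!env[name]) problems.push(`${name} is missing or empty`);
  }

  // NEXT_PUBLIC_ values reach the browser, so a secret must never sit in one.
  for (const [name, value] of Object.entries(env)) {
    if (!name.startsWith("NEXT_PUBLIC_") || typeof value !== "string") continue;
    if (SECRET_PREFIXES.some((p) => value.startsWith(p))) {
      problems.push(`${name} holds a server-side secret but is exposed to the browser`);
    }
  }

  // The template placeholder must be replaced by at least 32 random bytes.
  const secret = env.NEXTAUTH_SECRET || "";
  if (secret.startsWith("run-this") || (secret && Buffer.from(secret, "base64").length < 32)) {
    problems.push("NEXTAUTH_SECRET is a placeholder or shorter than 32 bytes");
  }

  if (isProd) {
    for (const name of ["DATABASE_URL", "DIRECT_URL", "NEXTAUTH_URL", "NEXT_PUBLIC_APP_URL"]) {
      if (/localhost|127\.0\.0\.1/.test(env[name] || "")) {
        problems.push(`${name} still points at localhost`);
      }
    }
    if ((env.STRIPE_SECRET_KEY || "").startsWith("sk_test_")) {
      problems.push("STRIPE_SECRET_KEY is a test key");
    }
    if ((env.NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY || "").startsWith("pk_test_")) {
      problems.push("NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY is a test key");
    }
  }
  return problems;
}
```

Call checkEnv(process.env) in server-side startup code and refuse to start when the returned list is not empty.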
