Appearance
Configuration
RankHub is configured via environment variables. Copy .env.example to .env and fill in the values.
bash
cp .env.example .envRequired Variables
| Variable | Description |
|---|---|
JWT_SECRET | HMAC-SHA256 secret for signing JWTs. Generate with openssl rand -hex 32. |
IP_HASH_SALT | Salt for hashing IP addresses in rate limiting. Generate with openssl rand -hex 32. |
DO_WORKER_URL | URL of the deployed Durable Object worker (e.g., https://rankhub-do.subdomain.workers.dev). Required for WebSocket support. |
Database Variables
Set USE_ONLINE_DB=true for a remote Supabase project, or leave unset for local development.
| Variable | Description |
|---|---|
USE_ONLINE_DB | true for remote Supabase, false/unset for local. |
SUPABASE_URL | Local Supabase URL (default: http://127.0.0.1:54821). |
SUPABASE_ANON_KEY | Supabase anon/public key. |
SUPABASE_SERVICE_ROLE_KEY | Supabase service role key (server-side only). |
DATABASE_URL | PostgreSQL connection string. |
ONLINE_SUPABASE_URL | Remote Supabase project URL (when USE_ONLINE_DB=true). |
ONLINE_SUPABASE_ANON_KEY | Remote anon key (when USE_ONLINE_DB=true). |
ONLINE_SUPABASE_SERVICE_ROLE_KEY | Remote service role key (when USE_ONLINE_DB=true). |
ONLINE_DATABASE_URL | Transaction pooler URL (when USE_ONLINE_DB=true). |
Optional Variables
Environment
| Variable | Description |
|---|---|
ENVIRONMENT | development or production. Affects logging, error reporting, and security headers. |
SERVER_URL | Public URL of the server for absolute links. |
BASE_URL | Base URL for email links (defaults to https://rankhub.app). |
Admin
| Variable | Description |
|---|---|
DEFAULT_ADMIN_EMAIL | Email for the initial admin user. |
DEFAULT_ADMIN_PASSWORD | Password for the initial admin user. Must be 32+ chars in production. |
Email (Resend)
| Variable | Description |
|---|---|
RESEND_API_KEY | Resend API key for transactional emails. |
FROM_EMAIL | Sender address (e.g., RankHub <noreply@rankhub.app>). |
Analytics and Monitoring
| Variable | Description |
|---|---|
VITE_POSTHOG_KEY | PostHog project key. |
VITE_POSTHOG_HOST | PostHog host URL. |
SENTRY_DSN | Sentry DSN for error tracking. |
SENTRY_AUTH_TOKEN | Sentry auth token (CI only, for source maps). |
SLACK_WEBHOOK_URL | Slack webhook for alerting. |
PAGERDUTY_ROUTING_KEY | PagerDuty routing key for critical alerts. |
Cloudflare
| Variable | Description |
|---|---|
CF_ACCOUNT_ID | Cloudflare account ID (for analytics engine). |
CF_API_TOKEN | Cloudflare API token (for analytics engine). |
Secrets
The following variables contain secrets and must never be committed to version control or exposed client-side:
JWT_SECRETIP_HASH_SALTSUPABASE_SERVICE_ROLE_KEYONLINE_SUPABASE_SERVICE_ROLE_KEYDATABASE_URLONLINE_DATABASE_URLDEFAULT_ADMIN_PASSWORDRESEND_API_KEYSENTRY_AUTH_TOKENCF_API_TOKENSNYK_TOKEN
For Cloudflare Pages deployment, set these in the dashboard under Pages > Settings > Environment variables.