Environment Variables

Renderer-public VITE vars, main-process MAIN_VITE vars, and Edge secrets.

Electron has more than one environment boundary. Values used by the renderer are bundled into client code, values used by the main process are compiled into the Electron main bundle, and server secrets belong outside the app entirely.

Model

  • .env lives at the project root and is read by Vite/electron-vite.
  • VITE_* values are renderer-public. They ship in the app bundle.
  • MAIN_VITE_* values are main-process build-time config.
  • Creem API keys and webhook secrets are Supabase Edge secrets, not app env.
  • Packaging and signing variables are release-time environment variables for electron-builder or CI.

Supabase URL and publishable key are safe to ship because authorization is enforced by Row Level Security. A Supabase service-role key is not safe to ship and must never be placed in .env.

Starter .env

VITE_AUTH_ENABLED=true
VITE_AUTO_UPDATE_ENABLED=true

VITE_SUPABASE_URL=https://your-project-ref.supabase.co
VITE_SUPABASE_PUBLISHABLE_KEY=your-publishable-anon-key

MAIN_VITE_SENTRY_DSN=

VITE_ANALYTICS_ENDPOINT=
VITE_ANALYTICS_WRITE_KEY=

VITE_REPO_URL=

VITE_BILLING_ENABLED=false
VITE_BILLING_LICENSE_MODE=false
VITE_CREEM_PRODUCT_PRO_MONTHLY=prod_xxx
VITE_CREEM_PRODUCT_PRO_YEARLY=prod_xxx
VITE_CREEM_PRODUCT_LIFETIME=prod_xxx

VITE_SHOWCASE_ENABLED and MAIN_VITE_SHOWCASE_ENABLED are read by code but are not currently listed in .env.example. Add both when you want to preview or build without the removable demo layer.

VITE_SHOWCASE_ENABLED=false
MAIN_VITE_SHOWCASE_ENABLED=false

App env reference

Feature flags

Prop

Type

Supabase

Prop

Type

These values unlock email auth, profile reads/writes, avatar upload, todos, and subscription reads. The setup page documents the SQL and storage bucket the app expects.

Creem product IDs

Prop

Type

Product IDs are not secrets. shared/price-config.ts maps them to plan tiers; unknown or missing product IDs resolve to free so an unconfigured build does not unlock paid features.

Observability, analytics, and support

Prop

Type

Non-app env

Supabase Edge secrets

Set these with supabase secrets set or an Edge secret env file. They are read by functions under supabase/functions/ and must never be bundled into the desktop app.

Prop

Type

Packaging, updates, and signing

Prop

Type

Test-only

Prop

Type

Safe-to-ship checklist

ValueSafe in app bundle?Why
Supabase URLYesIdentifies the project endpoint.
Supabase publishable keyYesIntended for clients; RLS decides which rows the user can access.
Creem product IDsYesProduct identifiers only; they do not create checkout sessions by themselves.
Sentry DSNYes, with opt-in policyA DSN is an ingest address, not a signing secret. User opt-in controls reporting.
Analytics write keyTreat as publicIt ships to the renderer if set. Use it only for low-risk client ingestion.
Supabase service-role keyNoBypasses RLS and can write protected data. Keep it server-side only.
Creem API key/webhook secretNoServer credentials for provider operations and signature verification.
Code-signing certificates/passwordsNoRelease secrets for CI or your local signing environment.

On this page