Environment Variables

Configure your AppLighter environment for different database adapters.

Overview

AppLighter uses a flexible adapter system that lets you choose your database backend. Configuration is done through environment variables in each app directory.

Quick Setup

Copy the example environment files:

# Mobile app
cp apps/mobile/.env.example apps/mobile/.env

# API server
cp apps/server/.env.example apps/server/.env

Mobile App Configuration

Configure apps/mobile/.env based on your chosen adapter.

Adapter Selection

Choose one of three adapters:

# Options: sqlite, supabase, custom
EXPO_PUBLIC_ADAPTER=sqlite

SQLite Adapter (Default)

The SQLite adapter provides local-first, offline-capable storage. Perfect for development and apps that don't need cloud sync.

EXPO_PUBLIC_ADAPTER=sqlite

# JWT secret for local authentication (minimum 32 characters)
EXPO_PUBLIC_JWT_SECRET=your-jwt-secret-key-change-in-production-min-32-chars

When to use:

• Rapid prototyping and development
• Offline-first applications
• Apps that don't require multi-device sync
• Simple single-user applications

Supabase Adapter

Connect to Supabase for cloud PostgreSQL database with built-in authentication.

EXPO_PUBLIC_ADAPTER=supabase

# Get these from your Supabase project: Settings > API
EXPO_PUBLIC_SUPABASE_URL=https://your-project-id.supabase.co
EXPO_PUBLIC_SUPABASE_ANON_KEY=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...

When to use:

• Production applications with multi-user support
• Apps requiring real-time sync
• Applications needing Supabase Auth (social login, magic links)
• Team/collaborative features

Supabase Setup Steps:

1. Create a project at supabase.com
2. Navigate to Settings > API
3. Copy the Project URL to EXPO_PUBLIC_SUPABASE_URL
4. Copy the anon/public key to EXPO_PUBLIC_SUPABASE_ANON_KEY

Custom API Adapter

Connect to your own backend API for full control over data storage.

EXPO_PUBLIC_ADAPTER=custom

# Your API base URL
EXPO_PUBLIC_CUSTOM_API_URL=https://api.your-server.com

When to use:

• Existing backend infrastructure
• Custom authentication requirements
• Specific compliance or data residency needs
• Complex business logic on the server

Server Configuration

Configure apps/server/.env for the Hono API server.

Basic Configuration

# Server port
PORT=3001

# JWT secret for token signing (minimum 32 characters)
JWT_SECRET=your-secret-key-min-32-characters

Database Connection (Production)

For production deployments with PostgreSQL:

# PostgreSQL connection string
DATABASE_URL=postgresql://user:password@localhost:5432/dbname

Storage Configuration (Optional)

For file uploads and storage:

# S3-compatible storage
S3_BUCKET=your-bucket
S3_REGION=us-east-1
S3_ACCESS_KEY=your-access-key
S3_SECRET_KEY=your-secret-key

Environment Variable Reference

Mobile App Variables

| Variable | Required | Default | Description | |----------|----------|---------|-------------| | EXPO_PUBLIC_ADAPTER | Yes | sqlite | Database adapter: sqlite, supabase, or custom | | EXPO_PUBLIC_JWT_SECRET | For SQLite | - | JWT secret for local auth (32+ chars) | | EXPO_PUBLIC_SUPABASE_URL | For Supabase | - | Supabase project URL | | EXPO_PUBLIC_SUPABASE_ANON_KEY | For Supabase | - | Supabase anonymous API key | | EXPO_PUBLIC_CUSTOM_API_URL | For Custom | - | Custom API base URL |

Server Variables

| Variable | Required | Default | Description | |----------|----------|---------|-------------| | PORT | No | 3001 | API server port | | JWT_SECRET | Yes | - | JWT signing secret (32+ chars) | | DATABASE_URL | No | - | PostgreSQL connection string | | S3_BUCKET | No | - | S3 bucket name | | S3_REGION | No | - | S3 region | | S3_ACCESS_KEY | No | - | S3 access key | | S3_SECRET_KEY | No | - | S3 secret key |

Security Best Practices

1. Never commit .env files - They're already in .gitignore
2. Use strong secrets - Generate with openssl rand -base64 32
3. Rotate secrets regularly - Especially after team changes
4. Use different secrets per environment - Dev, staging, production
5. Store production secrets securely - Use your CI/CD platform's secret management

Generating Secure Secrets

# Generate a 32-character random secret
openssl rand -base64 32

# Or using Node.js
node -e "console.log(require('crypto').randomBytes(32).toString('base64'))"

Next Steps

• Build your first feature with the Quick Start guide
• Learn about Vibecode DB operations
• Set up AI Generation for rapid development