Skip to main content

Environment Configuration

This guide provides detailed information about all environment variables and configuration options for Clipron AI deployment.

Configuration Files Overview

Clipron AI uses environment files to manage configuration across different deployment environments:

Backend Configuration

backend/.env - Server-side settings, API keys, database configuration

Frontend Configuration

frontend/.env.production - Client-side settings, API URLs, feature flags

Backend Environment Variables

Core Application Settings

# Application Environment
ENVIRONMENT=production              # production, development, testing
DEBUG=false                        # Enable debug mode (development only)

# Security
SECRET_KEY=your-secret-key-here    # JWT signing key (min 32 chars)
ALGORITHM=HS256                    # JWT algorithm
ACCESS_TOKEN_EXPIRE_MINUTES=30     # JWT token expiration

# Server Configuration
HOST=0.0.0.0                      # Server bind address
PORT=8000                         # Server port
WORKERS=4                         # Number of worker processes
SECRET_KEY must be a strong, random string. Generate with: openssl rand -hex 32
# Frontend URL for CORS
FRONTEND_URL=https://yourdomain.com

# Additional allowed origins (comma-separated)
ALLOWED_ORIGINS=https://app.yourdomain.com,https://admin.yourdomain.com

# CORS credentials
ALLOW_CREDENTIALS=true

Database Configuration

AI Model API Keys

# Google Gemini (Primary)
GOOGLE_GEMINI_API_KEY=your_google_gemini_api_key
GOOGLE_GEMINI_MODEL=gemini-1.5-flash  # or gemini-1.5-pro

# DeepSeek (Code-specialized)
DEEPSEEK_API_KEY=your_deepseek_api_key
DEEPSEEK_MODEL=deepseek-coder

# Anthropic Claude (Advanced reasoning)
ANTHROPIC_API_KEY=your_anthropic_api_key
ANTHROPIC_MODEL=claude-3-5-sonnet-20241022

# OpenAI (Fallback)
OPENAI_API_KEY=your_openai_api_key
OPENAI_MODEL=gpt-4o-mini
At least one AI API key is required. Having multiple providers ensures better reliability and cost optimization.
# Request timeouts (seconds)
AI_REQUEST_TIMEOUT=120
AI_MAX_RETRIES=3
AI_RETRY_DELAY=2

# Rate limiting
AI_RATE_LIMIT_PER_MINUTE=60
AI_BURST_LIMIT=10

# Cost optimization
AI_COST_TRACKING=true
AI_BUDGET_LIMIT_MONTHLY=1000  # USD

OAuth Configuration

# Google OAuth credentials
GOOGLE_CLIENT_ID=your_client_id.apps.googleusercontent.com
GOOGLE_CLIENT_SECRET=GOCSPX-your_client_secret

# OAuth scopes
GOOGLE_OAUTH_SCOPES=openid,email,profile

# Redirect URLs (must match Google Console)
GOOGLE_REDIRECT_URI=https://yourdomain.com/auth/google/callback
Setup Instructions:
  1. Go to Google Cloud Console
  2. Create OAuth 2.0 credentials
  3. Add authorized redirect URIs
  4. Copy client ID and secret
# GitHub OAuth credentials
GITHUB_CLIENT_ID=your_github_client_id
GITHUB_CLIENT_SECRET=your_github_client_secret

# OAuth scopes
GITHUB_OAUTH_SCOPES=user:email,repo

# Redirect URLs
GITHUB_REDIRECT_URI=https://yourdomain.com/auth/github/callback
Setup Instructions:
  1. Go to GitHub Settings > Developer settings > OAuth Apps
  2. Create new OAuth App
  3. Set authorization callback URL
  4. Copy client ID and secret

Payment Configuration

# Stripe API keys
STRIPE_SECRET_KEY=sk_live_your_secret_key  # or sk_test_ for testing
STRIPE_PUBLISHABLE_KEY=pk_live_your_publishable_key

# Webhook configuration
STRIPE_WEBHOOK_SECRET=whsec_your_webhook_secret
STRIPE_WEBHOOK_ENDPOINT=https://yourdomain.com/api/webhooks/stripe

# Product configuration
STRIPE_PRICE_ID_CREDITS=price_your_credits_price_id
STRIPE_PRICE_ID_PRO=price_your_pro_subscription_id

# Credit pricing and limits
CREDITS_PER_DOLLAR=10
FREE_CREDITS_NEW_USER=50
FREE_CREDITS_MONTHLY=100
MAX_CREDITS_PURCHASE=10000

# Credit expiration
CREDITS_EXPIRE_DAYS=365
CREDITS_WARNING_THRESHOLD=10

Email Configuration

# Email server configuration
SMTP_SERVER=smtp.gmail.com
SMTP_PORT=587
SMTP_USE_TLS=true
SMTP_USERNAME=[email protected]
SMTP_PASSWORD=your_app_password

# Email settings
FROM_EMAIL=[email protected]
FROM_NAME=Clipron AI

# Email features
SEND_WELCOME_EMAIL=true
SEND_ANALYSIS_COMPLETE_EMAIL=true
SEND_CREDIT_LOW_EMAIL=true

# Template configuration
EMAIL_TEMPLATE_DIR=templates/email
EMAIL_LOGO_URL=https://yourdomain.com/logo.png
EMAIL_UNSUBSCRIBE_URL=https://yourdomain.com/unsubscribe

# Notification settings
EMAIL_RATE_LIMIT=100  # emails per hour
EMAIL_QUEUE_SIZE=1000

Logging and Monitoring

# Log levels
LOG_LEVEL=INFO  # DEBUG, INFO, WARNING, ERROR, CRITICAL
LOG_FORMAT=json  # json, text

# Log files
LOG_FILE=/var/log/clipron/app.log
LOG_MAX_SIZE=100MB
LOG_BACKUP_COUNT=5

# Structured logging
LOG_REQUEST_ID=true
LOG_USER_ID=true
LOG_PERFORMANCE=true

# Sentry error tracking
SENTRY_DSN=https://[email protected]/project_id
SENTRY_ENVIRONMENT=production
SENTRY_TRACES_SAMPLE_RATE=0.1

# Prometheus metrics
PROMETHEUS_ENABLED=true
PROMETHEUS_PORT=9090

# Health check
HEALTH_CHECK_ENABLED=true
HEALTH_CHECK_ENDPOINT=/health

Frontend Environment Variables

API Configuration

# Backend API URL
REACT_APP_API_URL=https://yourdomain.com/api

# Environment
REACT_APP_ENVIRONMENT=production

# API timeouts
REACT_APP_API_TIMEOUT=30000
REACT_APP_UPLOAD_TIMEOUT=300000

Feature Flags

# Authentication features
REACT_APP_ENABLE_GOOGLE_AUTH=true
REACT_APP_ENABLE_GITHUB_AUTH=true
REACT_APP_ENABLE_EMAIL_AUTH=true

# Analysis features
REACT_APP_ENABLE_GITHUB_INTEGRATION=true
REACT_APP_ENABLE_FILE_UPLOAD=true
REACT_APP_ENABLE_CODE_PASTE=true

# Payment features
REACT_APP_ENABLE_STRIPE_PAYMENTS=true
REACT_APP_ENABLE_CREDIT_SYSTEM=true

# Interface options
REACT_APP_ENABLE_DARK_MODE=true
REACT_APP_ENABLE_NOTIFICATIONS=true
REACT_APP_ENABLE_ANALYTICS_DASHBOARD=true

# Advanced features
REACT_APP_ENABLE_API_PLAYGROUND=true
REACT_APP_ENABLE_WEBHOOK_MANAGEMENT=true
REACT_APP_ENABLE_TEAM_FEATURES=false

Analytics and Tracking

# Google Analytics 4
REACT_APP_GA_MEASUREMENT_ID=G-XXXXXXXXXX
REACT_APP_ENABLE_ANALYTICS=true

# Analytics configuration
REACT_APP_ANALYTICS_DEBUG=false
REACT_APP_TRACK_USER_INTERACTIONS=true

# Sentry frontend tracking
REACT_APP_SENTRY_DSN=https://[email protected]/project_id
REACT_APP_SENTRY_ENVIRONMENT=production
REACT_APP_ENABLE_SENTRY=true

# Error reporting
REACT_APP_SENTRY_TRACES_SAMPLE_RATE=0.1
REACT_APP_SENTRY_REPLAY_SAMPLE_RATE=0.1

Environment-Specific Configurations

Development Environment

ENVIRONMENT=development
DEBUG=true
DATABASE_URL=sqlite:///./clipron_dev.db
FRONTEND_URL=http://localhost:3000
LOG_LEVEL=DEBUG

# Use test API keys
STRIPE_SECRET_KEY=sk_test_...

Staging Environment

ENVIRONMENT=staging
DEBUG=false
DATABASE_URL=postgresql://staging_user:pass@staging-db:5432/clipron_staging
FRONTEND_URL=https://staging.yourdomain.com

# Use test API keys but production-like setup
STRIPE_SECRET_KEY=sk_test_...

Security Best Practices

Environment File Security

Critical Security Practices:
  • Never commit .env files to version control
  • Use strong, unique passwords and API keys
  • Rotate secrets regularly
  • Restrict file permissions: chmod 600 .env
  • Use environment variable injection in containers

Secret Management

# Use external secret management
# AWS Secrets Manager
SECRET_KEY=$(aws secretsmanager get-secret-value --secret-id clipron/secret-key --query SecretString --output text)

# HashiCorp Vault
SECRET_KEY=$(vault kv get -field=secret_key secret/clipron)

# Kubernetes Secrets
SECRET_KEY=$(cat /var/secrets/secret-key)

# Add to startup script
required_vars=(
    "SECRET_KEY"
    "DATABASE_URL"
    "GOOGLE_GEMINI_API_KEY"
    "STRIPE_SECRET_KEY"
)

for var in "${required_vars[@]}"; do
    if [[ -z "${!var}" ]]; then
        echo "Error: $var is not set"
        exit 1
    fi
done
Configuration Tip: Use a configuration management tool like Ansible, Terraform, or Kubernetes ConfigMaps for managing environment variables across multiple deployments.