CupaDev
Get Started
← Back to Documentation

Environment Variables

Manage secrets, API keys, and configuration for your deployed applications.

How it works

Environment variables are encrypted and stored securely. They are injected into your container at deploy time — both during the build phase (for build-time variables like NEXT_PUBLIC_*) and at runtime.

Variables take effect on next deploy. After adding or editing a variable, CupaDev will prompt you to redeploy. Running containers are not updated automatically.

Managing variables

Add a single variable

Go to Project → Environment Variables tab → click Add Variable. Enter the key and value. The value is masked by default but you can reveal it with the eye icon.

Import from .env file

Click Add Variable → Import .env and paste the contents of your .env file. CupaDev parses the file and upserts all variables at once.

DATABASE_URL=postgresql://user:pass@host:5432/mydb
NEXTAUTH_SECRET=your-super-secret-key-here
NEXTAUTH_URL=https://myapp.cupadev.com
AUTH_TRUST_HOST=true
STRIPE_SECRET_KEY=sk_live_...

Comments (#) and blank lines are ignored.

Edit or delete a variable

Click the menu on any variable to edit, copy the value, or delete it. The current value is shown when you open the edit dialog.

Build-time vs runtime variables

Build-time

Variables available during npm run build. Required for:

  • NEXT_PUBLIC_* (baked into JS bundle)
  • Analytics IDs, public API URLs
  • Feature flags used at build

Runtime

Variables injected into the running container. Required for:

  • DATABASE_URL, REDIS_URL
  • AUTH_SECRET, JWT_SECRET
  • External API keys (Stripe, SendGrid…)

All variables set in CupaDev are available at both build time and runtime.

Auto-injected variables

CupaDev automatically injects these variables — you don't need to set them:

VariableValueDescription
PORT3000Port your app must listen on
NODE_ENVproductionSet at runtime
HOSTNAME0.0.0.0Bind address (Next.js)

Always use process.env.PORT — never hardcode a port number. Your app must bind on 0.0.0.0, not localhost, to accept external traffic.

Variables required by common stacks

Next.js + Auth.js (NextAuth v5)

AUTH_SECRET=<32-char random string>
AUTH_TRUST_HOST=true
NEXTAUTH_URL=https://your-project.cupadev.com

Next.js + Prisma

DATABASE_URL=postgresql://user:pass@host:5432/db

Express / Node.js API

DATABASE_URL=...
JWT_SECRET=...

Stripe

STRIPE_SECRET_KEY=sk_live_...
STRIPE_WEBHOOK_SECRET=whsec_...