Environment Variables
Set all of these in Portainer (or .env.local for local dev).
| Variable | Purpose |
|---|---|
RESEND_API_KEY | Resend API key |
RESEND_FROM_EMAIL | Verified sender address — domain must be verified in Resend dashboard |
RESEND_TO_EMAIL | Notification recipient address |
PRINTFUL_API_KEY | Printful API token |
PRINTFUL_STORE_ID | Printful store numeric ID |
PRINTFUL_WEBHOOK_SECRET | Printful webhook signing secret — returned once on registration, store immediately |
SUPABASE_URL | Supabase project URL |
SUPABASE_SERVICE_ROLE_KEY | Supabase service role key (server-only, never expose to client) |
NEXT_PUBLIC_APP_URL | Public base URL e.g. https://makinmagic.com — used to build questionnaire links |
Gotchas
RESEND_FROM_EMAILmust use a domain verified in the Resend dashboard — not just any DNS domain. Add and verify at resend.com → Domains.PRINTFUL_WEBHOOK_SECRETis only shown once when you register the webhook. If lost, re-runnpm run register:webhooksand update the env var in Portainer.SUPABASE_SERVICE_ROLE_KEYbypasses row-level security — never expose it client-side or inNEXT_PUBLIC_*vars.