- Home
- Skills
- Cameronapak
- Bknd Skills
- Bknd Env Config
bknd-env-config_skill
2
GitHub Stars
1
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill cameronapak/bknd-skills --skill bknd-env-config- SKILL.md10.1 KB
Overview
This skill helps configure environment variables for Bknd projects across development and production. It covers creating and loading .env files, injecting env into bknd.config.ts, platform-specific secret storage, and production security checks. Use it to standardize secret handling and avoid common pitfalls when deploying Bknd apps.
How this skill works
The skill explains creating a project-level .env file and optional .dev.vars overrides, then shows how the env parameter is injected into bknd.config.ts for runtime configuration. It documents platform-specific secret workflows (Cloudflare, Vercel, Docker), a syncSecrets option to generate .env.example templates, and validation patterns to fail fast in production when required secrets are missing. It also lists common variables and troubleshooting steps for env loading issues.
When to use it
- Setting up or updating environment variables for a Bknd project
- Injecting secrets and configuration into bknd.config.ts at runtime
- Preparing platform-specific deployments (Cloudflare, Vercel, Docker)
- Creating .env templates and .env.example for safe version control
- Enforcing production security checks for required secrets
Best practices
- Keep real secrets out of version control; commit only .env.example
- Generate a strong JWT_SECRET (minimum 32 bytes) using crypto or openssl
- Validate required production secrets on app start and fail fast
- Use platform secret stores (wrangler secret, Vercel env, Docker secrets) for production
- Use syncSecrets to keep .env.example in sync with config changes
Example use cases
- Local development: create .env and optional .dev.vars to override values like DB_URL and JWT_SECRET
- Cloudflare deployment: set non-secret vars in wrangler.toml and secrets via npx wrangler secret put
- Vercel deployment: add env values through the dashboard or vercel CLI and use .env.local for local dev
- Docker deployment: pass vars via docker-compose environment or env_file and avoid committing secrets
- CI/CD: generate .env.example with npx bknd secrets --template and store real values in pipeline secrets
FAQ
.env must be in the project root alongside bknd.config.ts so the loader can find and merge it into the env parameter.
What if JWT_SECRET is missing in production?
Fail fast: throw an error during config initialization if NODE_ENV is production and JWT_SECRET is absent to prevent insecure defaults.