Skip to main content

Environment Configuration

FindU currently uses a single production Supabase project. This guide explains how to configure your local development environment to connect to the production database.

Current Architecture

We’re currently using a single production environment. Be extremely careful when developing locally as you’ll be working with real user data.

Environment Files

Each repository has its own environment configuration:

Web App (.env)

VITE_SUPABASE_URL=https://your-project.supabase.co
VITE_SUPABASE_ANON_KEY=<your-anon-key>
VITE_ENV=production

iOS App (Secrets.xcconfig)

SUPABASE_URL = https://your-project.supabase.co
SUPABASE_ANON_KEY = <your-anon-key>

Matching Algorithm (.env)

SUPABASE_URL=https://your-project.supabase.co
SUPABASE_SERVICE_KEY=<your-service-key>
ENVIRONMENT=production

Data Scraping (.env)

SUPABASE_URL=https://your-project.supabase.co
SUPABASE_SERVICE_KEY=<your-service-key>
COLLEGE_SCORECARD_API_KEY=<your-api-key>
FIRECRAWL_API_KEY=<your-firecrawl-key>  # For enhance-colleges
OPENAI_API_KEY=<your-openai-key>        # For crawl4ai-enhance

Getting Credentials

From Supabase Dashboard

  1. Log into Supabase Dashboard
  2. Select the FindU production project
  3. Go to Settings → API
  4. Copy:
    • Project URL → Use in all SUPABASE_URL fields
    • Anon/Public Key → Use for SUPABASE_ANON_KEY
    • Service Role Key → Use for SUPABASE_SERVICE_KEY (keep secret!)

From GitHub Secrets

If you have access to GitHub organization secrets:
  1. Go to Organization Settings → Secrets
  2. View the production secrets
  3. Use these exact values in your local environment files

Working with Production

Since we’re using production directly:

Best Practices

  1. Always use test accounts when developing features
  2. Never delete or modify real user data
  3. Be careful with bulk operations that could affect many users
  4. Test thoroughly before deploying changes
  5. Monitor logs for any issues

Creating Test Data

-- Create a test student account
INSERT INTO students (email, name, profile_data)
VALUES ('[email protected]', 'Test User', '{"test": true}');

-- Mark as test account to avoid confusion
UPDATE students 
SET profile_data = jsonb_set(profile_data, '{is_test}', 'true')
WHERE email LIKE '%test%';

Service Configuration

Railway Services

All services deploy automatically from the main branch:

Supabase Features

  • Database: PostgreSQL with RLS enabled
  • Auth: Email, Apple, and Google sign-in
  • Storage: Public bucket for school images
  • Edge Functions: Serverless functions for specialized tasks

CI/CD Integration

GitHub Actions use organization secrets:

Standard Secret Names

  • SUPABASE_URL
  • SUPABASE_ANON_KEY
  • SUPABASE_SERVICE_KEY
  • RAILWAY_TOKEN
  • COLLEGE_SCORECARD_API_KEY
  • FIRECRAWL_API_KEY
  • OPENAI_API_KEY
These are configured at the organization level and available to all repositories.

Local Development Tips

Using Supabase CLI

# Install Supabase CLI
brew install supabase/tap/supabase

# Login to Supabase
supabase login

# Link to production project
supabase link --project-ref your-project-id

# Generate types for TypeScript
supabase gen types typescript --linked > types/supabase.ts

Database Migrations

# Create a new migration
supabase migration new your_migration_name

# Apply migrations locally first
supabase db push

# Then push to production (be careful!)
supabase db push --linked

Safety Guidelines

1

Use test accounts

Create dedicated test accounts:
-- Always use emails with 'test' in them
INSERT INTO auth.users (email) 
VALUES ('[email protected]');
2

Backup before major changes

# Export data before risky operations
supabase db dump -f backup.sql --linked
3

Test migrations locally

# Reset local database and test
supabase db reset
supabase migration up
4

Monitor after deployment

  • Check Supabase logs
  • Monitor Railway deployments
  • Watch for user reports

Troubleshooting

Check that:
  • Your Supabase project is active (not paused)
  • Credentials are correct
  • You’re using the right key type (anon vs service)
Some operations require service role key:
  • Bulk updates
  • Admin operations
  • Data migrations
Make sure:
  • File is named correctly (.env, not .env.local)
  • You’ve restarted the development server
  • Variables use correct naming convention

Security Notes

  • Never commit environment files - They’re gitignored for a reason
  • Rotate credentials regularly - Especially if exposed
  • Use service keys sparingly - Only for admin operations
  • Monitor access logs - Watch for suspicious activity
Next, learn about database operations to understand the schema, or check out the architecture overview to see how all components work together.