Skip to main content

Production Environment Setup

This page covers configuration differences between local development and production (Render) deployments.

Firebase Credentials

EnvironmentRecommended Approach
Local developmentSet FIREBASE_SERVICE_ACCOUNT_PATH to a relative path (e.g., co2_firebase_utils/service_key.json)
Production (Render)Set FIREBASE_SERVICE_ACCOUNT_JSON to the full JSON content as a single-line string

To convert a JSON file to a single-line string for Render:

cat co2_firebase_utils/service_key.json | tr -d '\n'

Paste the output as the value of FIREBASE_SERVICE_ACCOUNT_JSON in the Render environment.

caution

Never commit the service_key.json file to Git. It is in .gitignore by default.

Supabase Configuration

Supabase credentials (supabaseUrl and supabaseAnonKey) are stored in auth/supabase-config.js, which is served as a static file. These are public values (the Supabase anon key is safe to expose client-side given that RLS policies are configured correctly).

For production:

  1. Create a separate Supabase project (or use the same one)
  2. Update auth/supabase-config.js with the correct URL and anon key before deploying
  3. In Supabase Authentication → URL Configuration, add https://geo-lens.net as an allowed site URL and redirect URL

OpenWeatherMap Key

The OpenWeatherMap API key is currently embedded directly in client/public/js/app.js. For production hardening, consider:

  1. Adding OPENWEATHERMAP_API_KEY to .env
  2. Exposing it through the /config endpoint
  3. Fetching it in app.js at startup

TomTom Fallback Key

server/server.js has a hardcoded fallback TomTom API key. In production, always set TOMTOM_API_KEY explicitly to avoid rate-limiting on the shared fallback key.

NODE_ENV

Set NODE_ENV=production in the Render environment. This is currently used for logging verbosity and may be used for future optimizations.

Checklist: Production Deployment

  • CESIUM_ION_TOKEN set in Render
  • TOMTOM_API_KEY set in Render
  • AIRNOW_API_KEY set in Render
  • TRAFFIC_VIEW_API_KEY set in Render
  • EM_FIREBASE_API_KEY set in Render
  • FIREBASE_SERVICE_ACCOUNT_JSON set in Render (not _PATH)
  • CODETR_API_KEY set in Render (if using camera interoperability)
  • auth/supabase-config.js updated with production Supabase credentials
  • Supabase redirect URLs configured for https://geo-lens.net
  • supabase/schema.sql has been run on the Supabase project
  • Custom domain (geo-lens.net) CNAME or A record pointing to Render
  • Custom domain (docs.geo-lens.net) CNAME pointing to Render Static Site