Security·

Environment Variables Best Practices

How to manage environment variables securely in DeployHub

Managing Environment Variables Securely

Environment variables are a critical part of modern application development. Here's how to manage them effectively in DeployHub.

Types of Variables

DeployHub supports different types of environment variables:

Production Variables

Available in production deployments. Use these for sensitive configuration.

Preview Variables

Available only in preview deployments (pull requests). Useful for testing configurations.

Secret Variables

Values are encrypted and not visible once saved. Perfect for API keys and passwords.

Best Practices

Keep Secrets Out of Code

Never commit secrets to version control. Always use environment variables.

Use Different Values per Environment

Use different API keys for development, staging, and production.

Limit Access

Restrict who can view and modify environment variables. Use role-based access control.

Use Descriptive Names

Use clear, consistent naming conventions:

  • API_URL
  • DATABASE_URL
  • STRIPE_API_KEY

Test with Preview Deployments

Use preview deployments to test environment variable changes before production.

Rotate Secrets Regularly

Regularly rotate API keys and other secrets, especially if team members leave.

Framework Specifics

Next.js

// .env.local
NEXT_PUBLIC_API_URL=https://api.example.com
API_SECRET=secret

Nuxt

// nuxt.config.ts
export default defineNuxtConfig({
  runtimeConfig: {
    apiKey: process.env.API_KEY
  }
})

Vite

// .env
VITE_API_URL=https://api.example.com

By following these practices, you'll keep your application secure and maintainable.

[object Object]

Migrating to DeployHub

How to migrate your existing applications to DeployHub

Powered by DeployHub • © 2026