CloudSyncPro separates environment variables into two distinct groups: client-side variables with theDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/S4nti4goCoder/cloudsyncpro/llms.txt
Use this file to discover all available pages before exploring further.
VITE_ prefix that Vite bundles into the browser build, and server-side secrets that only Supabase Edge Functions can access. Understanding which group a variable belongs to matters for security — accidentally exposing a secret key in a VITE_ variable sends it to every user’s browser.
Client-side variables
These variables are set in.env.local for local development, and in Vercel → Settings → Environment Variables for production deployments. They are embedded in the browser bundle at build time.
The URL of your Supabase project. Found in Supabase Dashboard → Project Settings → API. Format:
https://<project-id>.supabase.co.The anonymous (public) API key for your Supabase project. This key is safe to expose to the browser — access is controlled by Row Level Security (RLS) policies in Postgres. Found in Supabase Dashboard → Project Settings → API.
The public read-only URL for your Cloudflare R2 bucket. Used to construct file preview and download URLs in the frontend. This can be a custom domain (e.g.
https://files.your-domain.com) or the default pub.r2.dev URL provided by Cloudflare.The DSN (Data Source Name) for Sentry error monitoring. When this variable is empty or not set, error monitoring is disabled and the app behaves normally. To enable it, get your DSN from Sentry → Project Settings → Client Keys. Only relevant for production environments.
Server-side variables
These variables are used exclusively by Supabase Edge Functions (upload-file, delete-account, purge-files). They should never appear in .env.local in production or carry the VITE_ prefix.
The S3-compatible endpoint for your Cloudflare R2 account. Format:
https://<account-id>.r2.cloudflarestorage.com. Used by Edge Functions to perform authenticated R2 operations (upload, delete).The public read-only base URL for the R2 bucket. Used by the
upload-file Edge Function to construct the publicUrl returned in the response. Set this to the same value as VITE_R2_PUBLIC_URL — either the pub.r2.dev URL or your custom domain.Your Cloudflare account ID. Found in the Cloudflare Dashboard right sidebar under Account ID.
The access key ID for an R2 API token with read and write permissions on your bucket. Generate tokens in Cloudflare Dashboard → R2 → Manage R2 API Tokens.
The secret access key paired with
R2_ACCESS_KEY_ID. Only shown once at token creation time — store it securely.The name of the R2 bucket where files are stored. Defaults to
cloudsyncpro in the example configuration.The service role key for your Supabase project. Bypasses RLS and has full database access — used by Edge Functions that need to perform admin-level operations. Found in Supabase Dashboard → Project Settings → API. Never expose this key to the browser.
A shared secret used to authenticate the scheduled
purge-files Edge Function call. The pg_cron job sends this value in the X-Cron-Secret header; the Edge Function verifies it before processing the auto-purge. Set this to a long random string.