Nudgra Cloud splits production configuration between the Next.js host and the Convex deployment.
Local baseline
Copy .env.example to .env.local:
In Windows PowerShell:
Local values usually look like this:
npx convex dev writes NEXT_PUBLIC_CONVEX_URL and NEXT_PUBLIC_CONVEX_SITE_URL locally.
Vercel variables
Set these on Vercel:
Convex production variables
Set these on the Convex production deployment:
JWT_PRIVATE_KEY and JWKS are required by Convex Auth. Generate them with npx @convex-dev/auth --prod; do not handcraft them unless you are following the Convex Auth manual setup docs.
Required production shape
Keep SITE_URL exact in both Vercel and Convex:
Do not use a Vercel preview URL or localhost value in production.
Set the allowed Google emails:
Set the public app origin:
After Google and Meta are configured, set:
Generate random tokens
Generate META_VERIFY_TOKEN with OpenSSL:
Or generate it with Node:
Important secrets
Keep a private copy of these production secrets:
JWT_PRIVATE_KEY.
JWKS.
AUTH_GOOGLE_SECRET.
META_APP_SECRET.
META_VERIFY_TOKEN.
CONVEX_DEPLOY_KEY.