Configuration
Hoikka is configured entirely through environment variables, read via $env/dynamic/*. Copy .env.example to .env to get started.
Deployment target
A single variable decides how the app is built and where the database and storage come from. It is read in both svelte.config.js (adapter) and vite.config.ts (module aliases).
# "node" (default) or "cloudflare"
HOIKKA_TARGET=node| Target | Adapter | Database | Storage |
|---|---|---|---|
node | @sveltejs/adapter-node | better-sqlite3 file | local filesystem |
cloudflare | @sveltejs/adapter-cloudflare | D1 binding | R2 binding |
Switching targets is just flipping this value (and rebuilding). Run the Cloudflare target locally with pnpm dev:cf.
Required variables
Better Auth
BETTER_AUTH_SECRET=BETTER_AUTH_SECRET signs sessions and is required. See Authentication.
Optional variables
Auth base URL
BETTER_AUTH_URL="https://your-store.example"Not needed normally — auth derives the base URL from the incoming request. Set it only to override, e.g. behind a reverse proxy that doesn’t forward the public origin.
Database location (node target)
# Defaults to ./data/hoikka.db — set only to override.
DATABASE_URL="./data/hoikka.db"Only used on the node target. The Cloudflare target ignores it and uses the D1 binding (platform.env.DB).
OAuth (Google)
GOOGLE_CLIENT_ID=
GOOGLE_CLIENT_SECRET=Google sign-in is enabled only when both are set.
Email (Resend)
RESEND_API_KEY=
RESEND_FROM_EMAIL="noreply@yourdomain.com"Used for digital product delivery emails. Optional — if not set, email delivery is skipped.
Payments (Stripe)
STRIPE_SECRET_KEY="sk_..."
PUBLIC_STRIPE_PUBLISHABLE_KEY="pk_..."Optional for getting started — a mock payment provider is used for development and testing. Get credentials from your Stripe Dashboard .
Other
# Read-only guard: blocks admin POST/mutations for public demos.
DEMO_MODE=
# Absolute site URL for the sitemap (falls back to the request origin).
PUBLIC_SITE_URL=On Cloudflare, secrets are set with wrangler secret put <NAME> rather than an .env file.