Single Docker Image for Next.js: Runtime Env Var Strategy?
Unanswered
porto posted this in #help-forum
portoOP
I'm looking for a recommended way to deploy Next.js applications using a single Docker image across multiple environments. The core challenge is that both my server-side and client-side environment variables need to be defined and read at runtime for each specific environment.
Is there a standard or widely recommended solution within the Next.js ecosystem to achieve this? I've been exploring libraries like
Is there a standard or widely recommended solution within the Next.js ecosystem to achieve this? I've been exploring libraries like
next-runtime-env, but I have some security concerns that I've detailed in this GitHub issue: https://github.com/expatfile/next-runtime-env/issues/187 I'd appreciate any insights or alternative approaches you might have for securely handling runtime environment variables in a single-image Docker deployment.3 Replies
Burmese
using next-runtime-env or not, you are free to put sensitive env vars in server rendered templates and next will happily include them in the page
if you want to guarantee you wont leak anything, set up https://varlock.dev - you can mark items as being
@sensitive, and the next integration will scan for leaked secrets, both at build and runtimeTheres still a little more work I need to do to support dynamic (ie not bundled at build time) yet not sensitive items, but it should be coming very soon