ln-733-env-configurator

Configures environment variables and secrets protection

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "ln-733-env-configurator" with this command: npx skills add levnikolaevich/claude-code-skills/levnikolaevich-claude-code-skills-ln-733-env-configurator

Paths: File paths (shared/, references/, ../ln-*) are relative to skills repo root. If not found at CWD, locate this SKILL.md directory and go up one level for repo root.

ln-733-env-configurator

Type: L3 Worker Category: 7XX Project Bootstrap Parent: ln-730-devops-setup

Configures environment variables for development and production environments.

Purpose & Scope

Creates environment configuration files:

  • Does: Generate .env files, update .gitignore for secrets protection
  • Does NOT: Store secrets, manage external secrets managers, configure CI/CD secrets

Inputs

InputSourceDescription
Project NameDirectory nameUsed for database/service naming
Backend PortStack-dependent5000 (.NET), 8000 (Python)
Frontend PortDefault3000
Database PortDefault5432
Detected VarsCode analysisEnvironment variables found in code

Outputs

FilePurposeTemplate
.env.exampleDocumented templateenv_example.template
.env.developmentLocal development defaultsenv_development.template
.env.productionProduction placeholdersenv_production.template
.gitignore (append)Secrets protectiongitignore_secrets.template

Workflow

Phase 1: Environment Discovery

Scan project for existing environment usage:

  • Check for existing .env files
  • Search code for process.env, os.environ, Configuration[]
  • Identify which variables are secrets vs configuration

Output: List of required environment variables with types

Phase 2: Variable Classification

Classify discovered variables:

CategoryExamplesTreatment
DatabaseDATABASE_URL, POSTGRES_*Auto-generate with project name
API ConfigAPI_PORT, LOG_LEVELUse detected or defaults
SecurityJWT_SECRET, API_KEYPlaceholder with warning
ExternalREDIS_URL, SMTP_*Comment out as optional

Phase 3: Template Generation

Generate environment files from templates:

  1. Apply variable substitution
  2. Include all discovered variables
  3. Add comments for undocumented variables

Phase 4: Gitignore Update

Append secrets protection to .gitignore:

  1. Read existing .gitignore (if exists)
  2. Check if secrets patterns already present
  3. Append missing patterns from template
  4. Preserve existing entries

Generated File Structure

.env.example

Documented template with all variables:

  • Section headers (Database, Backend, Frontend, Security, External)
  • Descriptive comments for each variable
  • Safe placeholder values (never real secrets)
  • Optional variables commented out

.env.development

Ready-to-use development configuration:

  • Pre-filled values that work with docker-compose
  • Development-only secrets (clearly marked)
  • Debug-level logging enabled

.env.production

Production placeholder file:

  • ${VARIABLE} syntax for deployment substitution
  • Comments indicating required secrets
  • Production-appropriate defaults (Warning log level)

Security Best Practices

PracticeImplementation
No real secretsPlaceholder values only in templates
Gitignore protectionAll .env files except .env.example
Development warningsMark dev secrets as insecure
Production guidanceComments about secrets manager usage
Key rotation reminderNote about regular secret rotation

Security Notes

Generated files include these security reminders:

  1. Never commit real secrets - .gitignore prevents accidental commits
  2. Use secrets manager - GitHub Secrets, AWS Secrets Manager for production
  3. Rotate secrets regularly - Especially JWT secrets
  4. Strong JWT secrets - Minimum 256 bits (32 bytes)
  5. Restrict CORS - Only allow necessary origins in production

Quality Criteria

Generated files must:

  • .env.example contains all required variables
  • No real secrets or passwords in any file
  • .gitignore updated with secrets patterns
  • .env.development works with docker-compose
  • .env.production uses placeholder syntax

Critical Notes

  1. Template-based: Use templates from references/. Do NOT hardcode file contents.
  2. Idempotent: Check file existence. Append to .gitignore, don't overwrite.
  3. No Real Secrets: Never generate files with actual passwords or API keys.
  4. Development Safety: Development defaults should work out-of-box with docker-compose.

Reference Files

FilePurpose
env_example.templateDocumented .env template
env_development.templateDevelopment defaults
env_production.templateProduction placeholders
gitignore_secrets.template.gitignore additions

Version: 1.1.0 Last Updated: 2026-01-10

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Coding

ln-782-test-runner

No summary provided by upstream source.

Repository SourceNeeds Review
119-levnikolaevich
Coding

ln-140-test-docs-creator

No summary provided by upstream source.

Repository SourceNeeds Review
112-levnikolaevich
Coding

ln-150-presentation-creator

No summary provided by upstream source.

Repository SourceNeeds Review
106-levnikolaevich
Coding

ln-110-project-docs-coordinator

No summary provided by upstream source.

Repository SourceNeeds Review
106-levnikolaevich