Environment variables

apps/www is the only worker. Public values bake in at build from .env (committed, not secrets); secrets live in .env.local (gitignored) for dev and as Wrangler secrets for prod. SvelteKit convention: PUBLIC_* vars are exposed to the browser via $env/static/public; everything else is server-only. The core Supabase, Electric, and durable-stream vars fail fast at startup with a loud error naming any that are missing (hooks.server.ts); the AI-provider and Daytona keys below are read on demand, so a missing one just disables that feature. .env loads first, then .env.local overrides.

.env (committed, public — baked into the build)
PUBLIC_SUPABASE_URL # Supabase API URL
PUBLIC_SUPABASE_PUBLISHABLE_KEY # Supabase publishable key
PUBLIC_ELECTRIC_URL # Electric SQL shape API base URL
PUBLIC_DURABLE_STREAMS_URL # Electric durable streams endpoint
PUBLIC_POSTHOG_KEY # PostHog client key
PUBLIC_POSTHOG_HOST # PostHog ingest (e.g. https://eu.i.posthog.com)

.env.local (secrets — also as wrangler secrets in prod)
SUPABASE_JWT_SECRET # raw HS256 from Supabase → Settings → API → JWT Secret
# NOT a JWT, NOT the service role key — wrong value → "No suitable key"
SUPABASE_SERVICE_ROLE_KEY # admin operations
DURABLE_STREAMS_SECRET # bearer for durable stream requests (Electric SQL dashboard)
ELECTRIC_SOURCE_ID # Electric source identifier
ELECTRIC_SOURCE_SECRET # JWT for Electric shape requests
OPENROUTER_API_KEY # THE LLM key: in-process bot replies + ambient gate (default
# provider) and the sandbox pi default model. A house secret of
# the same name overrides it for that house's turns.
ANTHROPIC_API_KEY # optional — only consulted when a thread/bot model is an explicit
# `anthropic/<id>` (direct API). House secret of the same name overrides.
# Other direct-provider keys (e.g. GEMINI_API_KEY) are house/env-binding
# secrets only, never worker env — see system/llm-keys.md.
DAYTONA_API_KEY # Daytona sandbox operator key; a same-named house secret overrides it
RAGTHIS_API_URL # file-index (ragthis) base URL; with the key below it enables search_files / list_files
# prod: https://ragthis-arbe.fly.dev (fly app `ragthis-arbe`, arbe's own deployment of oskarrough/ragthis; gated by the key)
# dev: http://localhost:8787 (`bun run dev:api` in ~/sites/ragthis; ungated locally, set any key)
RAGTHIS_API_KEY # file-index bearer token — server-side only, never reaches browser or model
# rotate with `fly secrets set API_KEY=...` on the ragthis app + `wrangler secret put RAGTHIS_API_KEY` here
# poke the instance directly with the ragthis CLI: `ragthis config` shows url/key + source, `ragthis ping` verifies
# (config: `ragthis config set url|key …` → ~/.config/ragthis/config.json; env vars override it)
CONDUCTOR_SECRET # shared secret the workflow conductor sends as `x-conductor-secret` to POST /api/wf/step; set the SAME value here and in the arbe1 sprite `.env` (the conductor)
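
One way to implement the fail-fast startup check described at the top of this page, together with a shape check for the SUPABASE_JWT_SECRET mistake noted in the list above. This is an added example, not the project's hooks.server.ts; the REQUIRED list and all function names are assumptions.

```typescript
// Assumption: the page names the "core Supabase, Electric, and durable-stream"
// vars as required without enumerating them; this list is inferred from the tables.
const REQUIRED: readonly string[] = [
  "PUBLIC_SUPABASE_URL",
  "PUBLIC_SUPABASE_PUBLISHABLE_KEY",
  "SUPABASE_JWT_SECRET",
  "SUPABASE_SERVICE_ROLE_KEY",
  "PUBLIC_ELECTRIC_URL",
  "ELECTRIC_SOURCE_ID",
  "ELECTRIC_SOURCE_SECRET",
  "PUBLIC_DURABLE_STREAMS_URL",
  "DURABLE_STREAMS_SECRET",
];

type Env = Record<string, string | undefined>;

// .env loads first, then .env.local overrides it key by key.
function mergeEnv(base: Env, local: Env): Env {
  return { ...base, ...local };
}

// A compact JWT is three base64url segments; its JSON header always encodes
// to a string starting with "eyJ". The raw HS256 secret must not look like that.
function looksLikeJwt(value: string): boolean {
  return /^eyJ[A-Za-z0-9_-]*\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]*$/.test(value.trim());
}

// Collect every problem so one startup error can name all of them at once.
function envProblems(env: Env): string[] {
  const problems: string[] = [];
  for (const name of REQUIRED) {
    const value = env[name];
    if (value === undefined || value.trim() === "") problems.push(`missing: ${name}`);
  }
  const jwtSecret = env["SUPABASE_JWT_SECRET"];
  if (jwtSecret !== undefined && looksLikeJwt(jwtSecret)) {
    problems.push("SUPABASE_JWT_SECRET looks like a JWT; expected the raw HS256 secret");
  }
  return problems;
}

// Fail fast: throw a single loud error listing every problem found.
function assertEnv(env: Env): void {
  const problems = envProblems(env);
  if (problems.length > 0) {
    throw new Error(`Invalid environment:\n  ${problems.join("\n  ")}`);
  }
}
```

The error text lists variable names only, never values, so it is safe to surface in startup logs.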

Production: bunx wrangler secret put <NAME> from apps/www/. apps/www/.env.example lists the dev secrets to copy and fill — but it’s incomplete (the optional provider keys above aren’t in it yet). Optional release stamping: RELEASE_SHA (falls back to 'dev'). SUPABASE_PROJECT_REF sits in .env but is used only by the Supabase CLI, not the worker. GitHub access uses GITHUB_TOKEN, a per-house/sandbox secret — not a worker env var.

Code: apps/www/.env.example.
See system/deployment, system/development, system/auth, system/environments.