Hey, asking humbly for learning purposes: why copy something that already exists in the code to a source outside of the code? The whole idea of process env var is for *external people (e.g. devops) to inject values from the *outside to the *inside because they have no access to the code or to modify during runtime. Why is there a need to copy from the inside (where things really matter) to the outside? Is the purpose to show devops/system folks the defaults and the various env var options? Thanks for clarifying
I would encourage you to read Twelve-Factor App on Config and Environment Variables in Node.js.
why copy something that already exists in the code to a source outside of the code?
Security mostly. Sending your production database password that's in your source code to every developer on your team and GitHub.com leaves a lot of opportunity for the wrong people to get it.
But...
You instruct to "Create a .env file in the root directory of your project" so the keys and secrets are actually within the code. What do I miss here?
@i0natan You should add that file to your .gitignore
Most helpful comment
@i0natan You should add that file to your .gitignore