Documentation

Quickstart

One command installs every prerequisite and gets your project running locally. Purchase first — the installer handles the rest.

Every code block has a copy button in the top-right corner. Click it to copy, then paste straight into your terminal.

Quick install

The installer checks and sets up every prerequisite automatically — Node.js 20+, pnpm, and the Supabase CLI. Then it clones your repo, installs dependencies, and copies .env.example to get you to your first pnpm dev in minutes.

Before running: purchase a licence, accept the GitHub invite Polar sends, and click "Use this template" on the private repo to create your own copy. You'll paste that URL when the installer asks.

macOS & Linux
curl -fsSL https://already-eu.wait-what.shop/install.sh | bash

The installer is a plain shell script — read it first if you prefer. No remote execution beyond Homebrew and npm.

What the script does

  • Checks for Homebrew (macOS) — installs if missing
  • Checks Node.js 20+ — installs or upgrades via Homebrew
  • Checks pnpm 9+ — installs via npm if missing
  • Checks Supabase CLI — installs via Homebrew if missing
  • Asks for your GitHub repo URL and a local folder name
  • Clones, runs pnpm install, copies .env.example → .env.local
  • Prints the three commands to finish setup

After install

The installer leaves you at a working directory with dependencies installed and a blank .env.local. Three more steps to a running app:

01
Fill in .env.local

Open .env.local and add your Supabase and Mollie credentials. The minimum required keys are listed in the env vars reference below.

Don't have cloud accounts yet? Already runs fully locally — use supabase start for a local Postgres + Auth stack, and Mollie test-mode keys (no live account needed).

02
pnpm setup

Validates env vars, runs DB migrations, and bootstraps Mollie products. Safe to re-run.

pnpm setup

Writes Mollie price IDs back to .env.local automatically.

03
pnpm dev

Starts Next.js, local Supabase, the Mollie CLI webhook listener, and the email preview server in one command.

pnpm dev
  • localhost:3000 — your app
  • localhost:54323 — Supabase Studio (local DB)
  • localhost:3001 — React Email preview
Prefer a guided walkthrough? Book a 15-min setup call (€49) — screen share, walk through your environment together, get running fast.
Book a slot →
Manual setup — prefer to do it yourself?

If you'd rather control each step, skip the installer and follow the steps below. Same end result.

Prerequisites

You need these installed before you start. All free.

Node.js 20+
Check: node --version
pnpm 9+
npm i -g pnpm
Supabase CLI
brew install supabase/tap/supabase

You'll also need accounts with Supabase (free tier), Mollie (test mode), and Vercel (free tier). None require billing information to start.

Step 1 — Purchase

01
Buy on Polar → use the template

Purchase a Solo or Team licence at already-eu.wait-what.shop/#pricing. Polar (Merchant of Record) processes the payment and handles tax globally.

Within 1–2 minutes you'll receive an email from GitHub with a repository invite. Accept it, then click "Use this template" → "Create a new repository" on the private Already repo to get your own clean copy.

Step 2 — Clone

02
Clone and install
git clone https://github.com/YOUR_USERNAME/YOUR_REPO_NAME
cd YOUR_REPO_NAME
pnpm install

Step 3 — Run setup

03
pnpm setup
cp .env.example .env.local
# Edit .env.local — add your Supabase and Mollie keys
pnpm setup

For billing, run the Mollie bootstrapper after setup:

pnpm setup:mollie

Step 4 — Local dev

04
pnpm dev
pnpm dev
  • localhost:3000 — your app
  • localhost:54323 — Supabase Studio
  • localhost:3001 — React Email preview

Step 5 — Deploy

05
vercel deploy

Already's vercel.json is pre-configured. Connect your repo to a Vercel project and add the production env vars from your .env.local.

vercel deploy --prod

CI/CD is pre-wired via GitHub Actions. Every PR gets a Vercel preview deploy. Playwright E2E tests run against it.

Required env vars

All vars are documented in .env.example with inline comments. The minimum set for local dev:

# Supabase (local: run supabase start)
NEXT_PUBLIC_SUPABASE_URL=
NEXT_PUBLIC_SUPABASE_ANON_KEY=
SUPABASE_SERVICE_ROLE_KEY=
DATABASE_URL=
DATABASE_URL_DIRECT=

# Mollie (test mode keys from dashboard)
MOLLIE_SECRET_KEY=
MOLLIE_WEBHOOK_SECRET=
NEXT_PUBLIC_MOLLIE_PUBLISHABLE_KEY=

# Brevo (dev mode — emails logged, not sent)
BREVO_API_KEY=

# Webhook signing key — required. Generate with: openssl rand -base64 32
WEBHOOK_SIGNING_KEY=

# Cron secret — must match Vercel Cron's Authorization header
CRON_SECRET=

Keep secrets out of .env files

Optional but recommended once you go to production. Already ships a CLI that stores production credentials in your OS keychain (macOS Keychain or pass on Linux) instead of .env.local. A stolen laptop or an accidental git add .env can no longer leak a live Mollie key.

pnpm already secrets push        # interactive prompt → keychain
eval "$(pnpm already secrets export)"   # inject into the current shell
pnpm already secrets scan        # check .env files for live keys

The pre-commit hook runs secrets scan automatically. If a .env* file contains anything that looks like a real Mollie live key, a Brevo API key, or a Postgres URL with embedded credentials, the commit is blocked. Test-mode keys and explicit placeholders are allowlisted.

Full recipe: docs/recipes/keychain-secrets.md in your repo.

Useful commands

pnpm dev                     # start everything
pnpm db:seed                 # seed local DB with demo data
pnpm db:studio               # open Drizzle Studio (local DB UI)
pnpm reset                   # drop DB → migrate → seed (~5s)
pnpm email                   # React Email preview server
pnpm test                    # Vitest unit + integration tests
pnpm test:e2e                # Playwright E2E tests
pnpm already doctor          # health check: env, DB, Mollie, deps
pnpm already secrets push    # store credentials in macOS Keychain
pnpm already secrets export  # emit `export KEY=value` lines for shell eval
pnpm already secrets scan    # detect live keys in .env files (pre-commit hook)
pnpm already changelog       # compare your fork against the latest release

What's in the repo

Already ships 16 modules. Each has its own docs inside the repo. Here's the map:

  • Authlib/auth/, app/(auth)/. Includes the owner-only org MFA mandate at /app/settings/security.
  • Billinglib/billing/, config/billing.ts, app/(billing)/
  • Multi-tenant orgslib/orgs/, db/schema/orgs.ts. B2B and B2C mode toggle in config/app.ts.
  • Messagingmessaging/, lib/messaging/
  • Background jobslib/jobs/, app/api/cron/
  • AI integrationlib/ai/, per-org credits ledger, per-org rate limits at lib/auth/rate-limit.ts
  • Feature flagslib/flags/, config/flags.ts
  • Adminapp/(admin)/, impersonation, append-only audit log
  • Securitylib/security/, anomaly detection, AES-256-GCM secret-at-rest, SSRF-guarded outbound webhooks
  • SSO + SCIM (Enterprise add-on)lib/auth/sso.ts, lib/scim/, endpoint at app/api/scim/v2/
  • i18nlib/i18n/, messages/ (en, de, es, it, fr)
  • Secrets CLIcli/commands/secrets.ts. Push to macOS Keychain, pre-commit scanner blocks live keys from .env files.

Full module reference docs are inside the repo at docs/recipes/, readable by Claude Code and Cursor out of the box. Two recipes worth flagging up front: docs/recipes/keychain-secrets.md (production-grade secret handling) and docs/recipes/scim-provisioning.md (Okta and Entra integration).