Vercel deployment guide and a clearer missing-env error for Supabase
`0b6ee888` is mostly documentation: a new `docs/VERCEL_DEPLOYMENT.md` (222 lines) covering how to deploy Gary's frontend on Vercel with the backend staying on a separate host. The single code change makes a missing Supabase URL fail with the variable name rather than a cryptic prerender crash.
The architectural constraint the guide documents is real. Gary's Express backend needs LibreOffice for DOC/DOCX conversion, handles long-running document processing, and requires a persistent process. Vercel's serverless execution model is a poor fit for all three. The documented path puts only the Next.js frontend/ on Vercel (Root Directory set to frontend/, build settings left at defaults) and runs the backend on Railway, Render, Fly.io, or a VM. The frontend finds the backend through NEXT_PUBLIC_API_BASE_URL.
The guide is specific about the public/private variable split. NEXT_PUBLIC_* variables are baked into the browser bundle at build time - they're browser-visible, not secrets. Service-role Supabase keys, provider API keys, the signing secret, and the encryption secret belong on the backend host only, not in Vercel. The guide covers what goes where for both the Vercel environment and the backend .env, and explains that changing a NEXT_PUBLIC_* value in Vercel requires a fresh build to take effect.
The code change is a one-line improvement to error clarity. A missing NEXT_PUBLIC_SUPABASE_URL previously caused an opaque prerender failure; it now names the missing variable and where to set it. The same change standardized on NEXT_PUBLIC_SUPABASE_ANON_KEY as the canonical variable name while accepting the legacy NEXT_PUBLIC_SUPABASE_PUBLISHABLE_DEFAULT_KEY as a fallback, so existing deployments don't break.
zgbrenner explicitly deferred Clerk auth (still using Supabase Auth at this commit), a Vercel config file (argued it adds nothing once the root directory is set), and a one-click backend deploy template. Those follow in subsequent PRs. If you're reading this commit in isolation, the Vercel deployment it describes is open to the internet without an auth gate - a concern zgbrenner noted in the PR.
Spotted something wrong? Or know the PR text has fresher detail than the writeup above?