docs: add environment setup and deployment guide

Implements #10

- .env.example with all required environment variables
- vercel.json with CORS headers and region config
- docs/DEPLOYMENT.md with full deployment instructions
- API key setup guides
- Troubleshooting section

Closes #10

.env.example

@@ -1,25 +1,58 @@
-# Environment variables
-# Copy to .env.local and fill in values
+# ===========================================
+# Cutroom Environment Variables
+# ===========================================
+# Copy this file to .env.local and fill in your values
+# Never commit .env.local to version control!
 
-# Database (Vercel Postgres)
-DATABASE_URL="postgresql://..."
+# ===========================================
+# Database (Required)
+# ===========================================
+# Vercel Postgres or any PostgreSQL connection string
+DATABASE_URL="postgresql://user:password@host:5432/database?sslmode=require"
 
-# Vercel Blob Storage
-BLOB_READ_WRITE_TOKEN="..."
+# ===========================================
+# External APIs (Required for stage execution)
+# ===========================================
 
-# ElevenLabs (Voice synthesis)
+# OpenAI - Script generation, research synthesis
+OPENAI_API_KEY="sk-..."
+
+# ElevenLabs - Voice synthesis
 ELEVENLABS_API_KEY="..."
-ELEVENLABS_VOICE_ID="..."
+ELEVENLABS_VOICE_ID="21m00Tcm4TlvDq8ikWAM"  # Default: Rachel
 
-# OpenAI (Script generation)
-OPENAI_API_KEY="..."
-
-# Pexels (Stock footage)
+# Pexels - Stock footage and images
 PEXELS_API_KEY="..."
 
-# Base Chain (Token operations)
-BASE_RPC_URL="https://mainnet.base.org"
-WALLET_PRIVATE_KEY="..."  # Only needed for token deployment
+# ===========================================
+# Storage (Required for production)
+# ===========================================
+# Vercel Blob for storing generated assets
+BLOB_READ_WRITE_TOKEN="vercel_blob_..."
 
-# Openwork (Hackathon API)
-OPENWORK_API_KEY="..."
+# ===========================================
+# Blockchain (Required for token features)
+# ===========================================
+
+# Base RPC endpoint
+BASE_RPC_URL="https://mainnet.base.org"
+
+# Wallet for token operations (treasury)
+# WARNING: Keep this secure! Use Vercel encrypted env vars
+WALLET_PRIVATE_KEY="0x..."
+
+# CUTROOM token address (set after deployment)
+NEXT_PUBLIC_CUTROOM_TOKEN_ADDRESS=""
+
+# ===========================================
+# Optional / Development
+# ===========================================
+
+# Remotion (video rendering)
+# REMOTION_LICENSE_KEY=""
+
+# Analytics (Vercel Analytics auto-configured)
+# VERCEL_ANALYTICS_ID=""
+
+# Development mode
+# NODE_ENV="development"

docs/DEPLOYMENT.md

@@ -0,0 +1,140 @@
+# Deployment Guide
+
+This guide covers deploying Cutroom to Vercel.
+
+## Prerequisites
+
+- Node.js 18+
+- pnpm
+- Vercel account
+- API keys for external services
+
+## Quick Start (Vercel)
+
+The project auto-deploys on push to `main`. Vercel is pre-configured via the hackathon.
+
+### 1. Set Environment Variables
+
+In the Vercel dashboard → Settings → Environment Variables:
+
+| Variable | Required | Description |
+|----------|----------|-------------|
+| `DATABASE_URL` | ✅ | Vercel Postgres connection string |
+| `OPENAI_API_KEY` | ✅ | For script generation |
+| `ELEVENLABS_API_KEY` | ✅ | For voice synthesis |
+| `PEXELS_API_KEY` | ✅ | For stock footage |
+| `BLOB_READ_WRITE_TOKEN` | ✅ | For asset storage |
+| `BASE_RPC_URL` | ⚪ | Default: https://mainnet.base.org |
+| `WALLET_PRIVATE_KEY` | ⚪ | For token treasury operations |
+| `NEXT_PUBLIC_CUTROOM_TOKEN_ADDRESS` | ⚪ | Set after token deployment |
+
+### 2. Database Setup
+
+Vercel Postgres is recommended:
+
+1. Go to Vercel Dashboard → Storage → Create Database
+2. Select "Postgres"
+3. Copy the connection string to `DATABASE_URL`
+4. Run migrations:
+   ```bash
+   npx prisma db push
+   ```
+
+### 3. Deploy
+
+Push to `main` → Vercel auto-deploys.
+
+Or manually:
+```bash
+vercel --prod
+```
+
+### 4. Verify
+
+Check the health endpoint:
+```bash
+curl https://team-cutroom.vercel.app/api/health
+# → {"status":"ok","timestamp":"..."}
+```
+
+## Local Development
+
+```bash
+# Install dependencies
+pnpm install
+
+# Copy environment file
+cp .env.example .env.local
+# Edit .env.local with your values
+
+# Push database schema
+pnpm db:push
+
+# Run dev server
+pnpm dev
+```
+
+## API Keys
+
+### OpenAI
+1. Go to https://platform.openai.com/api-keys
+2. Create a new API key
+3. Add to `OPENAI_API_KEY`
+
+### ElevenLabs
+1. Go to https://elevenlabs.io/
+2. Sign up and go to Profile → API Keys
+3. Create a key, add to `ELEVENLABS_API_KEY`
+4. Find a voice ID at https://elevenlabs.io/voices
+5. Add to `ELEVENLABS_VOICE_ID`
+
+### Pexels
+1. Go to https://www.pexels.com/api/
+2. Sign up and get an API key
+3. Add to `PEXELS_API_KEY`
+
+### Vercel Blob
+1. In Vercel Dashboard → Storage → Create
+2. Select "Blob"
+3. Copy the read-write token to `BLOB_READ_WRITE_TOKEN`
+
+## Token Deployment
+
+See the main README for token deployment instructions.
+
+## Troubleshooting
+
+### Database Connection Failed
+- Check `DATABASE_URL` format
+- Ensure Vercel Postgres is provisioned
+- Run `npx prisma db push` to sync schema
+
+### Build Fails
+- Check for TypeScript errors: `pnpm typecheck`
+- Check for lint errors: `pnpm lint`
+- Run tests: `pnpm test`
+
+### API Routes Return 500
+- Check environment variables are set
+- Check Vercel logs for error details
+- Verify database connection
+
+## Architecture
+
+```
+Vercel
+├── Next.js App (Edge Functions)
+│   ├── /api/pipelines/      → Pipeline CRUD
+│   ├── /api/stages/         → Stage operations
+│   └── /api/webhooks/       → External integrations
+├── Vercel Postgres          → Pipeline & stage data
+├── Vercel Blob              → Generated assets
+└── Edge Config (optional)   → Feature flags
+```
+
+## Security Notes
+
+- Never commit `.env.local` or any file with secrets
+- Use Vercel's encrypted environment variables for sensitive keys
+- The `WALLET_PRIVATE_KEY` should only be set in production for treasury operations
+- API routes validate input; don't bypass validation

vercel.json

@@ -1,5 +1,16 @@
 {
   "framework": "nextjs",
   "buildCommand": "pnpm build",
-  "installCommand": "pnpm install"
+  "installCommand": "pnpm install",
+  "regions": ["iad1"],
+  "headers": [
+    {
+      "source": "/api/(.*)",
+      "headers": [
+        { "key": "Access-Control-Allow-Origin", "value": "*" },
+        { "key": "Access-Control-Allow-Methods", "value": "GET, POST, PUT, DELETE, OPTIONS" },
+        { "key": "Access-Control-Allow-Headers", "value": "Content-Type, Authorization" }
+      ]
+    }
+  ]
 }