dotenv-safe instead of manual checking a hardcodet whitelist

[Sharaal]

Instead of:
https://github.com/wearehive/project-guidelines/blob/4baf60bab3fc3d4616712b04f3dab48a3774d20c/config.sample.js#L1-L9

Maybe its an idea to use dotenv-safe, with that you can define the needed env variables in the .env.example (the optional ones can be prefixed with # ).

[bhgsbatista]

I second this, less code, less things to think about. The .gitignore example file would also need to be fixed, since it currently ignores .env* files.