-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy path.env.example
More file actions
79 lines (67 loc) · 3 KB
/
.env.example
File metadata and controls
79 lines (67 loc) · 3 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
# Database
# Development (SQLite):
DATABASE_URL="file:./dev.db"
# Production (PostgreSQL):
# Choose one of the following providers:
#
# 1. Vercel Postgres (https://vercel.com/storage/postgres)
# DATABASE_URL="postgresql://user:password@compute.vercel.com:5432/dbname?sslmode=require"
# DIRECT_URL="postgresql://user:password@compute.vercel.com:5432/dbname?sslmode=require"
#
# 2. Supabase (https://supabase.com)
# DATABASE_URL="postgresql://postgres.xxxxx:password@aws-0-region.pooler.supabase.com:6543/postgres?sslmode=require"
# DIRECT_URL="postgresql://postgres.xxxxx:password@aws-0-region.postgres.supabase.com:5432/postgres?sslmode=require"
#
# 3. Neon (https://neon.tech)
# DATABASE_URL="postgresql://user:password@ep-xxxxx.us-east-1.aws.neon.tech:5432/dbname?sslmode=require"
# DIRECT_URL="postgresql://user:password@ep-xxxxx.us-east-1.aws.neon.tech:5432/dbname?sslmode=require"
#
# Connection pooling:
# - DATABASE_URL: Use the pooled connection URL for normal queries
# - DIRECT_URL: Use the direct (non-pooled) URL for migrations
# (only if your provider uses PgBouncer or similar connection pooling)
# Auth (Koompi KID — dash.koompi.org)
SESSION_SECRET="your-32-char-min-secret-here-replace-me"
NEXTAUTH_SECRET="your-secret-here"
KOOMPI_OAUTH_URL="https://dash.koompi.org"
KOOMPI_KID_CLIENT_ID="your-client-id"
KOOMPI_KID_CLIENT_SECRET="your-client-secret"
# Storage (KConsole)
KCONSOLE_API_URL="https://api.kconsole.dev"
KCONSOLE_API_KEY="your-api-key"
KCONSOLE_PUBLIC_URL="https://storage.kconsole.dev"
# AWS SES v2 (email)
AWS_SES_REGION="us-east-1"
AWS_SES_ACCESS_KEY="your-access-key"
AWS_SES_SECRET_KEY="your-secret-key"
# Stripe
NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY="pk_live_..."
STRIPE_SECRET_KEY="sk_live_..."
STRIPE_WEBHOOK_SECRET="whsec_..."
# Site URLs
NEXT_PUBLIC_APP_URL="http://localhost:3000"
# Webhook secrets
CRON_SECRET="your-cron-secret"
SES_WEBHOOK_SECRET="your-ses-webhook-secret"
# Rate limiting (Upstash Redis — required for production multi-instance deploys)
# Get free instance at https://upstash.com
UPSTASH_REDIS_REST_URL=""
UPSTASH_REDIS_REST_TOKEN=""
# Baray.io (Cambodia payments — ABA, ACLEDA, Wing, Sathapana)
# Get credentials at https://baray.io
BARAY_API_KEY=""
BARAY_SK="" # base64-encoded AES-256 key
BARAY_IV="" # base64-encoded AES IV
BARAY_WEBHOOK_SECRET="" # HMAC-SHA256 secret for webhook signature verification
# Bot token encryption (AES-256-GCM) — generate: openssl rand -hex 32
BOT_TOKEN_ENCRYPTION_KEY=""
# OpenClaw agent provisioning (skill.koompi.ai)
# Set AGENT_PROVISION_MODE=local for dev (writes to .agent-workspaces/ instead of remote)
AGENT_PROVISION_MODE="local"
OPENCLAW_PROVISION_URL="https://skill.koompi.ai"
OPENCLAW_PROVISION_SECRET=""
OPENCLAW_SSH_HOST="skill.koompi.ai" # fallback if no HTTP provision endpoint
OPENCLAW_SSH_USER="openclaw"
OPENCLAW_SSH_KEY_PATH="/etc/metta/openclaw-deploy-key"
# Optional: Prisma Accelerate for connection pooling (alternative to PgBouncer)
# DATABASE_URL="prisma://..." (requires Prisma Accelerate paid plan)