-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy path.env.example
More file actions
65 lines (54 loc) · 2.87 KB
/
Copy path.env.example
File metadata and controls
65 lines (54 loc) · 2.87 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
# CoreFlow Environment Variables
# Copy to .env and fill in. NEVER commit a real .env (it is git-ignored).
# ========== DATABASE (Postgres) ==========
# Runtime connection — use a POOLED url in serverless/production
# (PgBouncer / Neon / Supabase pooler). Local dev can use the direct url.
# Local (docker compose up -d):
DATABASE_URL="postgresql://coreflow:coreflow@localhost:5432/coreflow?schema=public"
# Direct (unpooled) connection — used only by `prisma migrate`/introspection.
# In production set this to the NON-pooled url. Locally it can equal DATABASE_URL.
DIRECT_URL="postgresql://coreflow:coreflow@localhost:5432/coreflow?schema=public"
# ========== AUTHENTICATION ==========
# 32+ char secret for HS256 JWT signing. Generate with:
# node -e "console.log(require('crypto').randomBytes(32).toString('hex'))"
AUTH_SECRET=""
# ========== INDEXER (chain → DB projection) ==========
# Shared secret guarding GET /api/indexer/run. Vercel Cron sends
# `Authorization: Bearer $CRON_SECRET`; set CRON_SECRET (preferred on Vercel) or
# INDEXER_SECRET. The indexer also needs NEXT_PUBLIC_STELLAR_READ_ADDRESS set so
# it can read full escrow detail on `created` events.
INDEXER_SECRET=""
# ========== AUTHORIZATION ==========
# Comma-separated Stellar wallet addresses bootstrapped to the `admin` role on
# login. The first admin then grants manager/finance/worker via
# POST /api/admin/roles. Leave empty in environments with no admin.
ADMIN_WALLETS=""
# ========== ORACLE (server-side signer) ==========
# 32-byte hex Ed25519 seed used to sign verified work-hours proofs. The public
# half is fetched by clients and stored as each escrow's oracle_pubkey.
# Generate with:
# node -e "console.log(require('crypto').randomBytes(32).toString('hex'))"
# NEVER expose this value to the client.
ORACLE_SECRET_KEY=""
# ========== NETWORK CONFIGURATION ==========
# Network to use: testnet or public
NEXT_PUBLIC_STELLAR_NETWORK=testnet
# ========== STELLAR READ ADDRESS ==========
# Public key used for read-only contract simulations (no signing authority).
# Must be a valid Stellar public key on the configured network.
NEXT_PUBLIC_STELLAR_READ_ADDRESS=
# ========== CONTRACT CONFIGURATION ==========
# The deployed CoreFlow contract address on Testnet or Mainnet.
# Update this after deploying the contract.
NEXT_PUBLIC_STELLAR_CONTRACT_ID=
# Settlement token: the Stellar Asset Contract (SAC) address used for custody.
# On escrow creation the contract pulls this token from the manager and releases
# it to workers on finalize. Use the USDC SAC for the configured network.
NEXT_PUBLIC_STELLAR_TOKEN_ID=
# ========== WALLET CONFIGURATION ==========
# Freighter wallet timeout in milliseconds
NEXT_PUBLIC_FREIGHTER_TIMEOUT=5000
# ========== RPC ENDPOINTS ==========
# Selected automatically from NEXT_PUBLIC_STELLAR_NETWORK:
# Testnet: https://soroban-testnet.stellar.org
# Mainnet: https://mainnet.sorobanrpc.com