# Corrosion Platform — Environment Variables
# Copy to .env and fill in values

# Database
DATABASE_URL=postgres://corrosion:corrosion_dev@localhost:5432/corrosion
DATABASE_MAX_CONNECTIONS=20
DB_PASSWORD=corrosion_dev

# NATS
NATS_URL=nats://localhost:4222

# Auth
JWT_SECRET=change-me-to-a-random-64-char-string
JWT_ACCESS_EXPIRY_SECONDS=900
JWT_REFRESH_EXPIRY_SECONDS=604800
ENCRYPTION_KEY=change-me-to-a-random-32-byte-hex-key

# Bootstrap Admin (creates admin user on first run if no users exist)
ADMIN_EMAIL=admin@corrosionmgmt.com
ADMIN_PASSWORD=corrosion-dev-2026
ADMIN_USERNAME=Commander
ADMIN_LICENSE_KEY=CORROSION-DEV-0001-ADMIN

# Cloudflare (subdomain provisioning)
CLOUDFLARE_API_TOKEN=
CLOUDFLARE_ZONE_ID=
BASE_DOMAIN=corrosionmgmt.com

# Steam API (force wipe detection)
STEAM_API_KEY=

# Email (SMTP)
SMTP_HOST=smtp.example.com
SMTP_PORT=587
SMTP_USERNAME=
SMTP_PASSWORD=
SMTP_FROM=noreply@corrosionmgmt.com

# Server
API_PORT=3000
FRONTEND_URL=http://localhost:5174

# Frontend (Vite — must be prefixed with VITE_)
VITE_PANEL_URL=https://panel.corrosionmgmt.com

# Hostnames that serve the marketing site (comma-separated); all other hosts get the panel
VITE_MARKETING_HOSTS=corrosionmgmt.com,www.corrosionmgmt.com