# Base application env
NODE_ENV="development"
PORT="3000"
HOSTNAME="0.0.0.0"

# Auth
# You can generate a new secret on the command line with:
# openssl rand -base64 32
AUTH_SECRET="your-auth-secret"
BETTER_AUTH_URL="http://localhost:3000" # Set to your production URL in production

# App URL
# Used for client-side redirects and base URLs
NEXT_PUBLIC_APP_URL="http://localhost:3000"

# Database (Postgres)
# These are required for Docker container initialization
POSTGRES_USER="postgres"
POSTGRES_PASSWORD="postgres"
POSTGRES_DB="postgres"

# Connect string for the app
DATABASE_URL="postgres://postgres:postgres@localhost:5432/postgres"
# Disable SSL for Docker local Postgres; set to false or remove for managed Postgres
DB_DISABLE_SSL="true"

# Email (Resend). Replace with real keys in production
RESEND_API_KEY="your-resend-api-key"
RESEND_DOMAIN=""

# Analytics
NEXT_PUBLIC_UMAMI_WEBSITE_ID="your-website-id-here"
NEXT_PUBLIC_UMAMI_SCRIPT_URL="https://analytics.umami.is/script.js"
# Build tweaks
# SKIP_ENV_VALIDATION=1

# SSO / Authentik (Optional - only needed if using SSO authentication)
# Configure these if you want to enable Single Sign-On with Authentik OIDC
# The issuer should be your Authentik application's OAuth2 provider URL
# Example: https://auth.example.com/application/o/your-app-slug
AUTHENTIK_ISSUER=""
AUTHENTIK_CLIENT_ID=""
AUTHENTIK_CLIENT_SECRET=""