# Copy this file to .env before running Docker Compose:
# cp .env.example .env

# Runtime
NODE_ENV=production

# Auth
# Generate with: openssl rand -base64 32
AUTH_SECRET=change-me-generate-a-real-secret
BETTER_AUTH_URL=http://localhost:3000

# Public app URL
NEXT_PUBLIC_APP_URL=http://localhost:3000

# Postgres used by docker-compose.yml
POSTGRES_USER=postgres
POSTGRES_PASSWORD=postgres
POSTGRES_DB=postgres
DATABASE_URL=postgres://postgres:postgres@localhost:5432/postgres
DB_DISABLE_SSL=true

# White-label defaults used at image build time.
# Admin-managed platform branding in the app can override these after setup.
NEXT_PUBLIC_BRAND_NAME="beenvoice"
NEXT_PUBLIC_BRAND_TAGLINE="Simple and efficient invoicing for freelancers and small businesses"
NEXT_PUBLIC_BRAND_LOGO_TEXT="beenvoice"
NEXT_PUBLIC_BRAND_ICON="$"
NEXT_PUBLIC_DEFAULT_INTERFACE_THEME="beenvoice"
NEXT_PUBLIC_DEFAULT_FONT="brand"
NEXT_PUBLIC_DEFAULT_BODY_FONT="brand"
NEXT_PUBLIC_DEFAULT_HEADING_FONT="brand"
NEXT_PUBLIC_DEFAULT_RADIUS="xl"
NEXT_PUBLIC_DEFAULT_SIDEBAR_STYLE="floating"

# Email delivery via Resend (optional)
# Leave blank to disable invoice/password-reset email delivery.
RESEND_API_KEY=
RESEND_DOMAIN=

# Analytics via Umami (optional)
# Leave website ID blank to disable analytics.
NEXT_PUBLIC_UMAMI_WEBSITE_ID=
NEXT_PUBLIC_UMAMI_SCRIPT_URL=https://analytics.umami.is/script.js

# SSO via Authentik OIDC (optional)
NEXT_PUBLIC_AUTHENTIK_ENABLED=false
AUTHENTIK_ISSUER=
AUTHENTIK_CLIENT_ID=
AUTHENTIK_CLIENT_SECRET=
AUTHENTIK_ORIGIN=