.env.example
# Optimitron Environment Variables
# Copy to .env and fill in values. NEVER commit .env!
# Database (required for @optimitron/db)
# Matches the local Docker Compose Postgres service.
DATABASE_URL=postgresql://postgres:postgres@localhost:5432/optimitron
# Web auth/app URLs
# For local dev with packages/web on port 3001.
NEXTAUTH_URL=http://localhost:3001
# Generate locally, for example: `openssl rand -base64 32`
NEXTAUTH_SECRET=replace-this-with-a-long-random-secret
# Email / auth providers for packages/web
# Resend API keys: https://resend.com/docs/dashboard/api-keys/introduction
RESEND_API_KEY=replace-this-with-your-resend-api-key
# Verify a sending domain first: https://resend.com/docs/dashboard/domains/introduction
EMAIL_FROM=Earth Optimization Services <hello@updates.warondisease.org>
# Optional monitor recipient BCC'd on every outbound Resend email so an operator
# can watch for irritation/risk. Set to 0 or false to explicitly disable.
# EMAIL_MONITOR_BCC=monitor@example.org
# Optional: inbound replies to task notification emails. Set both values only
# after the inbound provider routes this domain to /api/webhooks/resend-inbound.
RESEND_INBOUND_WEBHOOK_SECRET=
REPLY_EMAIL_DOMAIN=reply.warondisease.org
# Google OAuth client credentials:
# Console: https://console.cloud.google.com/apis/credentials
# Docs: https://developers.google.com/identity/protocols/oauth2/web-server
GOOGLE_CLIENT_ID=replace-this-with-google-client-id
GOOGLE_CLIENT_SECRET=replace-this-with-google-client-secret
# Background jobs
# Generate locally, for example: `openssl rand -base64 32`
CRON_SECRET=replace-this-with-a-random-cron-secret
REFERRAL_EMAIL_BATCH_SIZE=50
# World ID UI
NEXT_PUBLIC_WORLD_ID_ENABLED=true
# World ID proof-of-personhood
# Create these in the World Developer Portal / IDKit setup:
# Portal: https://developer.world.org/
# Docs: https://docs.world.org/world-id/id/idkit-v4-preview
WORLD_ID_APP_ID=app_replace_this_with_world_id_app_id
WORLD_ID_RP_ID=replace-this-with-your-relying-party-id
WORLD_ID_SIGNING_KEY=replace-this-with-your-world-id-signing-key
WORLD_ID_ACTION=verify-personhood
WORLD_ID_ENVIRONMENT=staging
WORLD_ID_REQUEST_TTL_SECONDS=300
WORLD_ID_ALLOW_LEGACY_PROOFS=true
# Data fetcher API keys
# CONGRESS_API_KEY is required for politician alignment sync jobs.
# FRED API key docs: https://fred.stlouisfed.org/docs/api/fred/v2/api_key.html
FRED_API_KEY=
# World Bank Indicators API docs: https://datahelpdesk.worldbank.org/knowledgebase/articles/889392-about-the-indicators-api-documentation
# The World Bank Indicators API does not require an API key, so this can usually stay blank.
WORLD_BANK_API_KEY=
# Congress.gov API key signup: https://api.congress.gov/sign-up/
CONGRESS_API_KEY=
# Optional Gemini API key for agent-assisted review tools and LLM-backed example tests
# Gemini API key docs: https://ai.google.dev/gemini-api/docs/api-key
GOOGLE_GENERATIVE_AI_API_KEY=
# Optional override for agent image generation. Defaults to Gemini Nano Banana 2 preview.
OPTIMITRON_AGENT_IMAGE_MODEL=gemini-3.1-flash-image-preview
# ─── GitHub PAT (server-side, MCP admin tools) ───
#
# Powers the admin-only MCP tools: searchRepo, getFileContent, listRepoFiles,
# and githubApi (generic api.github.com passthrough). Token lives ONLY on the
# server — clients never see it. MCP-side scope: GITHUB (admin-only).
#
# Recommended: fine-grained PAT, repo-scoped to optimitron + disease-eradication-plan.
# Click to start (only the name pre-fills via URL params; pick repos + permissions
# in the UI):
# https://github.com/settings/personal-access-tokens/new?name=optimitron-mcp
#
# In the UI, set:
# • Resource owner → your account (mikepsinn)
# • Repository access → "Only select repositories" → optimitron, disease-eradication-plan
# • Repository permissions:
# Contents Read and write ← edit code via PR/commits API
# Pull requests Read and write ← open + comment on PRs
# Issues Read and write ← open + close issues
# Discussions Read and write ← Q&A mirror, post answers
# Commit statuses Read and write ← gate task verification on CI
# Actions Read-only ← see runs, but NO dispatch
# Metadata Read-only ← auto-required
# Agent tasks Read and write ← (if visible) delegate to Copilot agent
# • Repository permissions to LEAVE AT "No access" (high blast radius):
# Workflows ← write = modify CI files that run with secrets
# Administration ← repo deletion, transfer, archive (irreversible)
# Webhooks ← can exfiltrate every push event
# Secrets / Variables ← direct read of CI secrets
# Codespaces secrets ← same
# Environments ← can drop env protection rules
# Pages ← can rewrite published site
# Custom properties ← org-wide effect
# • Account permissions → leave all at "No access"
#
# Worst case if this token leaks: malicious commits and PRs on the two repos, plus
# issue/discussion spam. It cannot delete or transfer the repos, edit workflow
# files, read CI secrets directly, or write to other repos / orgs. Two caveats:
# Contents write still lets an attacker push a commit that changes scripts an
# existing workflow already runs (e.g. the test script), so any secret exposed to
# workflows triggered by pushes or same-repo PRs is reachable unless those
# workflows are gated on review; and commits are only "recoverable via git
# history" on branches that block force-pushes. Keep branch protection on main.
GITHUB_PAT=
# Note: the list of allowed repos is hardcoded in
# packages/web/src/lib/github-repo-tools.server.ts (ALLOWED_REPOS). Adding
# a third repo is a one-line code change reviewed via PR — kept out of env
# vars because the fine-grained PAT is the authoritative gate anyway.
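The permission list above is a least-privilege policy; the check a practitioner wants is proof that the minted token actually matches it. The following is an added example, not Optimitron code, that probes a fine-grained PAT with read-only GET requests: endpoints that should succeed with the granted permissions and endpoints that must fail because the permission was left at "No access". The endpoint-to-permission mapping comes from GitHub's REST documentation (each probe notes the permission it exercises) and should be re-checked there; the "not-in-selection" repo name is a placeholder, and it must be a private repo you own, because fine-grained PATs always carry read-only access to every public repository. `fetcher` is injectable so the verdict logic can be exercised offline.

```typescript
// Added example (not part of Optimitron): verify a fine-grained PAT's blast
// radius with read-only probes. Assumes the GITHUB_PAT described in .env.example
// and the endpoint -> permission mapping documented by GitHub's REST API.

export type Probe = { name: string; path: string; expectAllowed: boolean; permission: string };
export type Verdict = { name: string; status: number; ok: boolean; detail: string };

/** Probes for each repo the token should reach, plus two it must not. */
export function buildProbes(owner: string, repos: string[], privateForeignRepo: string): Probe[] {
  const probes: Probe[] = [];
  for (const repo of repos) {
    const base = `/repos/${owner}/${repo}`;
    probes.push(
      { name: `metadata:${repo}`, path: base, expectAllowed: true, permission: "Metadata: read" },
      { name: `contents:${repo}`, path: `${base}/commits?per_page=1`, expectAllowed: true, permission: "Contents: read" },
      { name: `actions:${repo}`, path: `${base}/actions/runs?per_page=1`, expectAllowed: true, permission: "Actions: read" },
      { name: `secrets:${repo}`, path: `${base}/actions/secrets`, expectAllowed: false, permission: "Secrets: read (must be No access)" },
      { name: `webhooks:${repo}`, path: `${base}/hooks`, expectAllowed: false, permission: "Webhooks: read (must be No access)" },
      // Actions permissions settings always exist, so a 404 here cannot mask a granted Administration permission.
      { name: `administration:${repo}`, path: `${base}/actions/permissions`, expectAllowed: false, permission: "Administration: read (must be No access)" },
    );
  }
  probes.push(
    // Must be a PRIVATE repo outside the selection: fine-grained PATs can read any public repo.
    { name: `scope:${privateForeignRepo}`, path: `/repos/${owner}/${privateForeignRepo}`, expectAllowed: false, permission: "repository outside the token's selection" },
    { name: "account:emails", path: "/user/emails", expectAllowed: false, permission: "Email addresses (account permission, must be No access)" },
  );
  return probes;
}

/** Look up a probe by name; throws rather than returning undefined. */
export function probe(probes: Probe[], name: string): Probe {
  const hits = probes.filter((p) => p.name === name);
  if (hits.length !== 1) throw new Error(`no unique probe named ${name}`);
  return hits[0];
}

/** A token that cannot reach a resource gets 403 (permission missing) or 404
 *  (repo outside the selection). Either satisfies a denied probe; 200 does not. */
export function evaluate(p: Probe, status: number): Verdict {
  const ok = p.expectAllowed ? status === 200 : status === 403 || status === 404;
  let detail: string;
  if (ok) detail = p.expectAllowed ? "granted as expected" : "denied as expected";
  else if (p.expectAllowed) detail = `expected 200, got ${status}: is ${p.permission} granted?`;
  else detail = status === 200 ? `TOKEN CAN READ THIS: ${p.permission}` : `unexpected ${status}; inspect manually`;
  return { name: p.name, status, ok, detail };
}

/** Minimal fetch shape so the probe runner can be driven by a fake in tests. */
export type Fetcher = (
  url: string,
  init: { method: string; headers: Record<string, string> },
) => Promise<{ status: number }>;

export async function runProbes(token: string, probes: Probe[], fetcher: Fetcher): Promise<Verdict[]> {
  const verdicts: Verdict[] = [];
  for (const p of probes) {
    const res = await fetcher(`https://api.github.com${p.path}`, {
      method: "GET",
      headers: {
        Authorization: `Bearer ${token}`,
        Accept: "application/vnd.github+json",
        "X-GitHub-Api-Version": "2022-11-28",
        "User-Agent": "optimitron-pat-probe", // api.github.com rejects requests without one
      },
    });
    verdicts.push(evaluate(p, res.status));
  }
  return verdicts;
}

/** Count passes and list every probe whose outcome contradicts the policy. */
export function summarize(verdicts: Verdict[]): { passed: number; failed: string[] } {
  const failed = verdicts.filter((v) => !v.ok).map((v) => `${v.name} -> ${v.detail}`);
  return { passed: verdicts.length - failed.length, failed };
}
```

To run it for real, call `runProbes(process.env.GITHUB_PAT, buildProbes("mikepsinn", ["optimitron", "disease-eradication-plan"], "<a private repo you did not select>"), (globalThis as any).fetch)` on Node 18 or later and print `summarize(...)`; an empty `failed` list means the token matches the comment above. Write permissions (Contents, PRs, Issues) are deliberately not probed, since confirming them would require mutating the repos.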
# ─── Smart Contract Deployment & On-Chain Integration ───
# Deployer wallet private key (for deploying contracts via Hardhat)
# Export from MetaMask: Account → ⋮ → Account details → Show private key
# Use a dedicated testnet-only wallet. Fund with Base Sepolia ETH:
# Faucet: https://www.coinbase.com/faucets/base-ethereum-goerli-faucet
DEPLOYER_PRIVATE_KEY=
# Base Sepolia RPC URL (for contract deployment and server-side reads)
# Free default: https://sepolia.base.org
# Better (free tier): sign up at https://www.alchemy.com or https://www.infura.io
# → Create app → Select "Base Sepolia" → Copy HTTPS URL
BASE_SEPOLIA_RPC_URL=https://sepolia.base.org
# Ethereum Sepolia RPC URL (for IAB contracts on Sepolia, if needed)
# Free: https://ethereum-sepolia-rpc.publicnode.com
# Better: Alchemy/Infura → Create app → Select "Sepolia" → Copy HTTPS URL
SEPOLIA_RPC_URL=
# Minter wallet private key (server-side cron job that batch-mints VOTE tokens)
# Can be the same as DEPLOYER_PRIVATE_KEY, or a separate hot wallet.
# This key must be the owner of the deployed VoteToken contract.
VOTE_TOKEN_MINTER_PRIVATE_KEY=
# Chain ID for VOTE token minting (84532 = Base Sepolia testnet, 8453 = Base mainnet)
VOTE_TOKEN_CHAIN_ID=84532
# Etherscan API key (for contract verification after deployment)
# Sign up: https://etherscan.io/apis → Get API Key
ETHERSCAN_API_KEY=
# WalletConnect project ID (for wallet connection in the web app)
# Sign up: https://cloud.walletconnect.com → Create project → Copy Project ID
NEXT_PUBLIC_WALLETCONNECT_PROJECT_ID=
# ─── AT Protocol Hypercert Publishing ───
# DID and app password for the Bluesky/AT Protocol account that publishes Hypercert records.
# Leave ATPROTO_PDS_URL blank to use the default bsky.social PDS.
ATPROTO_DID=
ATPROTO_PASSWORD=
ATPROTO_PDS_URL=https://bsky.social
# ─── IPFS Storage (Storacha or Pinata) ───
# Optional explicit provider selection. Leave blank to auto-detect.
# Auto-detect order is Storacha first, then Pinata.
IPFS_STORAGE_PROVIDER=
# Storacha serverless credentials.
STORACHA_KEY=
STORACHA_PROOF=
# Pinata API key JWT.
# Docs: https://docs.pinata.cloud/account-management/api-keys
PINATA_JWT=
# Optional Pinata dedicated gateway domain or base URL.
# Examples:
# my-gateway.mypinata.cloud
# https://my-gateway.mypinata.cloud
PINATA_GATEWAY=
# ─── Cloudflare R2 (object storage) ───
# R2 hosts large public media (the Chaplin video on /donate) AND the runtime
# memorial-photo + evidence upload flow (PRD F1/F4). Required in every
# environment that serves the represented-person form.
#
# Cloudflare API token (only needed if you script bucket creation / DNS):
# https://dash.cloudflare.com/profile/api-tokens
CLOUDFLARE_TOKEN=
# R2 S3-compatible credentials. Create at:
# Cloudflare dashboard → R2 → Manage R2 API Tokens → Create API token
# Set permissions to "Object Read & Write" scoped to your bucket.
R2_ACCESS_KEY_ID=
R2_SECRET_ACCESS_KEY=
# R2 S3 endpoint, format: https://<account-id>.r2.cloudflarestorage.com
# Example: https://52e6cea8444378116bd4a9c8834e1b27.r2.cloudflarestorage.com
R2_ENDPOINT=
# R2 bucket name (e.g. static-warondisease-org)
R2_BUCKET=
# Public-facing URL prefix the runtime returns after a successful upload.
# Set to the bucket's public domain. Example: https://static.warondisease.org
R2_PUBLIC_URL=
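The rules stated in the comments of this file (replace every placeholder, never commit a real `.env`, generate secrets with `openssl rand -base64 32`, keep secrets out of `NEXT_PUBLIC_` variables, use a testnet-only deployer wallet, default Postgres credentials only for the local Compose stack) are easy to violate when filling in a copy by hand. The following is an added example, not Optimitron code, of a small linter that parses a filled-in `.env` with a minimal dotenv parser and reports those violations. The placeholder pattern, the 32-character minimum, and the list of required keys are my assumptions; the sample `.env` text is constructed and contains deliberate mistakes.

```typescript
// Added example (not part of Optimitron): lint a filled-in .env against the
// conventions in this .env.example. Assumptions: dotenv-style KEY=VALUE lines
// with '#' comments; placeholders contain "replace-this"; a secret from
// `openssl rand -base64 32` is 44 chars, so anything under 32 is suspect.
import { readFileSync } from "node:fs";

export type EnvMap = Record<string, string>;
export type Finding = { key: string; severity: "error" | "warn"; message: string };

const PLACEHOLDER = /replace[-_]this/i;
const SECRET_IN_NAME = /(SECRET|KEY|TOKEN|PASSWORD|PRIVATE|JWT|PROOF)/;
const LOCAL_URL = /^https?:\/\/(localhost|127\.0\.0\.1)(:\d+)?(\/|$)/;
const MIN_SECRET_LEN = 32;

/** Minimal dotenv parser: skips blank lines, '#' comments and malformed lines,
 *  strips one layer of matching quotes, and keeps unquoted values verbatim so
 *  `EMAIL_FROM=Name <addr>` survives intact. */
export function parseDotenv(text: string): EnvMap {
  const env: EnvMap = {};
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    if (line === "" || line.charAt(0) === "#") continue;
    const eq = line.indexOf("=");
    if (eq <= 0) continue;
    const key = line.slice(0, eq).trim();
    let value = line.slice(eq + 1).trim();
    const quoted = /^(["'])(.*)\1$/.exec(value);
    if (quoted) value = quoted[2];
    env[key] = value;
  }
  return env;
}

/** Rules derived from the comments in .env.example. */
export function lintEnv(env: EnvMap, required: string[] = []): Finding[] {
  const findings: Finding[] = [];
  for (const key of required) {
    if (!env[key]) findings.push({ key, severity: "error", message: "required but missing or empty" });
  }
  for (const key of Object.keys(env)) {
    const value = env[key] ?? "";
    if (PLACEHOLDER.test(value)) {
      findings.push({ key, severity: "error", message: "placeholder from .env.example was never replaced" });
      continue;
    }
    if (/^NEXT_PUBLIC_/.test(key) && SECRET_IN_NAME.test(key)) {
      findings.push({ key, severity: "error", message: "NEXT_PUBLIC_ values are bundled into the browser; never put a secret there" });
    }
    if ((key === "NEXTAUTH_SECRET" || key === "CRON_SECRET") && value.length < MIN_SECRET_LEN) {
      findings.push({ key, severity: "error", message: `shorter than ${MIN_SECRET_LEN} chars; generate with \`openssl rand -base64 32\`` });
    }
  }
  // postgres:postgres is the Compose default; outside localhost it is a real credential.
  const deployed = !LOCAL_URL.test(env["NEXTAUTH_URL"] ?? "");
  if (deployed && /\/\/postgres:postgres@/.test(env["DATABASE_URL"] ?? "")) {
    findings.push({ key: "DATABASE_URL", severity: "warn", message: "default postgres:postgres credentials with a non-local NEXTAUTH_URL" });
  }
  // The deployer key is documented as testnet-only; minting on Base mainnet (8453) with it defeats that.
  const minter = env["VOTE_TOKEN_MINTER_PRIVATE_KEY"];
  if (env["VOTE_TOKEN_CHAIN_ID"] === "8453" && minter && minter === env["DEPLOYER_PRIVATE_KEY"]) {
    findings.push({ key: "VOTE_TOKEN_MINTER_PRIVATE_KEY", severity: "warn", message: "mainnet minter reuses the testnet-only deployer key; use a separate hot wallet" });
  }
  return findings;
}

/** Lint a file on disk, e.g. lintFile(".env", ["DATABASE_URL", "NEXTAUTH_SECRET"]). */
export function lintFile(path: string, required: string[] = ["DATABASE_URL", "NEXTAUTH_SECRET"]): Finding[] {
  return lintEnv(parseDotenv(readFileSync(path, "utf8")), required);
}

/** Constructed sample with deliberate mistakes; not a real deployment. */
export const SAMPLE_ENV = `
# constructed sample
DATABASE_URL=postgresql://postgres:postgres@localhost:5432/optimitron
NEXTAUTH_URL=https://app.example.org
NEXTAUTH_SECRET=replace-this-with-a-long-random-secret
CRON_SECRET=tooshort
EMAIL_FROM="Earth Optimization Services <hello@updates.warondisease.org>"
NEXT_PUBLIC_API_TOKEN=abc123
DEPLOYER_PRIVATE_KEY=0xdeadbeef
VOTE_TOKEN_MINTER_PRIVATE_KEY=0xdeadbeef
VOTE_TOKEN_CHAIN_ID=8453
CONGRESS_API_KEY=
`;
export const SAMPLE_REQUIRED = ["DATABASE_URL", "CONGRESS_API_KEY"];
```

Running `lintEnv(parseDotenv(SAMPLE_ENV), SAMPLE_REQUIRED)` yields four errors (empty `CONGRESS_API_KEY`, untouched `NEXTAUTH_SECRET` placeholder, short `CRON_SECRET`, secret-looking `NEXT_PUBLIC_` key) and two warnings (default Postgres credentials on a non-local site, deployer key reused for mainnet minting). Wire `lintFile(".env")` into a pre-start or pre-deploy step so a half-filled copy fails before it ever serves traffic.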