xpeditis2.0/apps/backend/.env.example

# Application
NODE_ENV=development
PORT=4000
API_PREFIX=api/v1

# Database
DATABASE_HOST=localhost
DATABASE_PORT=5432
DATABASE_USER=xpeditis
DATABASE_PASSWORD=xpeditis_dev_password
DATABASE_NAME=xpeditis_dev
DATABASE_SYNC=false
DATABASE_LOGGING=true

# Redis
REDIS_HOST=localhost
REDIS_PORT=6379
REDIS_PASSWORD=xpeditis_redis_password
REDIS_DB=0

# JWT
JWT_SECRET=your-super-secret-jwt-key-change-this-in-production
JWT_ACCESS_EXPIRATION=15m
JWT_REFRESH_EXPIRATION=7d

# OAuth2 - Google
GOOGLE_CLIENT_ID=your-google-client-id
GOOGLE_CLIENT_SECRET=your-google-client-secret
GOOGLE_CALLBACK_URL=http://localhost:4000/api/v1/auth/google/callback

# OAuth2 - Microsoft
MICROSOFT_CLIENT_ID=your-microsoft-client-id
MICROSOFT_CLIENT_SECRET=your-microsoft-client-secret
MICROSOFT_CALLBACK_URL=http://localhost:4000/api/v1/auth/microsoft/callback

# Application URL
APP_URL=http://localhost:3000
FRONTEND_URL=http://localhost:3000

# Email (SMTP)
SMTP_HOST=smtp-relay.brevo.com
SMTP_PORT=587
SMTP_USER=
SMTP_PASS=
SMTP_SECURE=false
SMTP_FROM=noreply@xpeditis.com

# AWS S3 / Storage (or MinIO for development)
AWS_ACCESS_KEY_ID=minioadmin
AWS_SECRET_ACCESS_KEY=minioadmin
AWS_REGION=us-east-1
AWS_S3_ENDPOINT=http://localhost:9000
# AWS_S3_ENDPOINT=  # Leave empty for AWS S3


# Swagger Documentation Access (HTTP Basic Auth — only you can access /api/docs)
SWAGGER_USERNAME=
SWAGGER_PASSWORD=

# Security
BCRYPT_ROUNDS=12
SESSION_TIMEOUT_MS=7200000

# Rate Limiting
RATE_LIMIT_TTL=60
RATE_LIMIT_MAX=100

# Monitoring
SENTRY_DSN=your-sentry-dsn


# Frontend URL (for redirects)
FRONTEND_URL=http://localhost:3000

# Stripe (Subscriptions & Payments)
STRIPE_SECRET_KEY=
STRIPE_WEBHOOK_SECRET=

# Stripe Price IDs (from Stripe Dashboard)
STRIPE_SILVER_MONTHLY_PRICE_ID=
STRIPE_SILVER_YEARLY_PRICE_ID=
STRIPE_GOLD_MONTHLY_PRICE_ID=
STRIPE_GOLD_YEARLY_PRICE_ID=
STRIPE_PLATINIUM_MONTHLY_PRICE_ID=
STRIPE_PLATINIUM_YEARLY_PRICE_ID=