blackroad-operating-system/backend/.env.example

# BlackRoad OS Backend - Railway Secrets Template
# Copy this file to .env for local development and keep the actual
# values in Railway's Variables dashboard. The GitHub workflow
# scripts/railway/validate_env_template.py ensures this template stays
# aligned with app/app.config.Settings.

# Application metadata
APP_NAME=BlackRoad Operating System
APP_VERSION=1.0.0
DEBUG=False
ENVIRONMENT=production
NODE_ENV=production
PYTHON_ENV=production

# Database connectivity
DATABASE_URL=postgresql://YOUR_DB_USER:YOUR_DB_PASSWORD@YOUR_DB_HOST:5432/blackroad
DATABASE_ASYNC_URL=postgresql+asyncpg://YOUR_DB_USER:YOUR_DB_PASSWORD@YOUR_DB_HOST:5432/blackroad
POSTGRES_URL=postgresql://YOUR_DB_USER:YOUR_DB_PASSWORD@YOUR_DB_HOST:5432/blackroad
REDIS_URL=redis://YOUR_REDIS_HOST:6379/0

# Security / auth
SECRET_KEY=changeme-super-secret-key
ALGORITHM=HS256
ACCESS_TOKEN_EXPIRE_MINUTES=30
REFRESH_TOKEN_EXPIRE_DAYS=7
WALLET_MASTER_KEY=changeme-wallet-master-key
ALLOWED_ORIGINS=https://blackroad.systems,https://app.blackroad.systems,https://www.blackroad.systems,https://os.blackroad.systems,https://core.blackroad.systems,https://api.blackroad.systems,https://blackroad-operating-system-production.up.railway.app,https://blackroad-os-core-production.up.railway.app,http://localhost:3000,http://localhost:8000

# Prism / status page targets
PRISM_CORE_API_URL=https://core.blackroad.systems/api
PRISM_PUBLIC_API_URL=https://blackroad.systems/api
PRISM_CONSOLE_URL=https://console.blackroad.systems
JWT_SECRET=changeme-jwt-secret
SESSION_SECRET=changeme-session-secret
NEXTAUTH_SECRET=changeme-nextauth-secret

# Object storage
AWS_ACCESS_KEY_ID=YOUR_AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY=YOUR_AWS_SECRET_ACCESS_KEY
AWS_REGION=us-east-1
S3_BUCKET_NAME=blackroad-files

# Email / SMTP
SMTP_HOST=smtp.gmail.com
SMTP_PORT=587
SMTP_USER=road@example.com
SMTP_PASSWORD=changeme-smtp-password
EMAIL_FROM=blackroad@example.com

# AI integrations
OPENAI_API_KEY=sk-your-openai-key
ANTHROPIC_API_KEY=anthropic-key-placeholder

# Blockchain tuning
BLOCKCHAIN_DIFFICULTY=4
MINING_REWARD=50.0

# Railway deployment + alerting
RAILWAY_TOKEN=railway-token-placeholder
RAILWAY_PROJECT_ID=00000000-0000-0000-0000-000000000000
RAILWAY_ENVIRONMENT_ID=00000000-0000-0000-0000-000000000000
RAILWAY_DOMAIN=your-service.up.railway.app
SLACK_WEBHOOK_URL=https://hooks.slack.com/services/XXX/YYY/ZZZ
DISCORD_WEBHOOK_URL=https://discord.com/api/webhooks/XXX/YYY

# Cloudflare DNS and CDN
CLOUDFLARE_API_TOKEN=cloudflare-api-token-placeholder
CLOUDFLARE_ACCOUNT_ID=your-cloudflare-account-id
CLOUDFLARE_ZONE_ID=your-cloudflare-zone-id-for-blackroad-systems
CLOUDFLARE_EMAIL=your-cloudflare-email@example.com

# Optional cloud/API integrations
DIGITAL_OCEAN_API_KEY=your-digital-ocean-api-key
GITHUB_TOKEN=your-github-personal-access-token
GITHUB_WEBHOOK_SECRET=your-github-webhook-secret-for-pr-automation
HUGGINGFACE_TOKEN=your-huggingface-token
VERCEL_TOKEN=vercel-token-placeholder
VERCEL_TEAM_ID=your-vercel-team-id
STRIPE_SECRET_KEY=sk_test_your-stripe-secret-key
STRIPE_PUBLISHABLE_KEY=pk_test_your-stripe-publishable-key
TWILIO_ACCOUNT_SID=ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
TWILIO_AUTH_TOKEN=your-twilio-auth-token
TWILIO_PHONE_NUMBER=+10000000000
SLACK_BOT_TOKEN=xoxb-your-slack-bot-token
DISCORD_BOT_TOKEN=discord-bot-token-placeholder
SENTRY_DSN=https://example.ingest.sentry.io/project-id
SENTRY_AUTH_TOKEN=your-sentry-auth-token
SENTRY_ORG=your-sentry-org
ROADCHAIN_RPC_URL=https://chain.example-rpc.net
ROADCOIN_POOL_URL=pool.example.roadcoin:3333
ROADCOIN_WALLET_ADDRESS=your-roadcoin-wallet
MQTT_BROKER_URL=mqtt://broker.example.internal:1883
MQTT_USERNAME=blackroad
MQTT_PASSWORD=your-mqtt-password
DEVICE_HEARTBEAT_TIMEOUT_SECONDS=300

# Local Ollama LLM (run models locally, no cloud API key needed)
# Start with: ollama serve && ollama pull llama3
OLLAMA_BASE_URL=http://localhost:11434
OLLAMA_DEFAULT_MODEL=llama3