# Shared Environment Variables Template # Copy this to your service repository as .env.example # NEVER commit the actual .env file with real values! # ========================================== # Environment Configuration # ========================================== BR_OS_ENV=local # Options: local, staging, prod # ========================================== # Service Information # ========================================== BR_OS_SERVICE_NAME=your-service-name # Example: blackroad-os-api, blackroad-os-operator, etc. BR_OS_SERVICE_VERSION=0.0.1 # Semantic version of the service BR_OS_SERVICE_COMMIT=LOCAL_DEV # Git commit SHA (set automatically in CI/CD) # ========================================== # Server Configuration # ========================================== PORT=8080 # HTTP server port NODE_ENV=development # For Node.js services: development, production, test # ========================================== # Service Dependencies # ========================================== # BlackRoad OS Core Service # CORE_BASE_URL=http://localhost:8081 # For staging: https://blackroad-os-core-staging.railway.app # For prod: https://blackroad-os-core-prod.railway.app # CORE_API_KEY= # API key for authenticating with core service # NEVER commit this value! Store in Railway/Vercel secrets # BlackRoad OS API Service (if needed by UI apps) # NEXT_PUBLIC_API_URL=http://localhost:8080 # For staging: https://api.staging.blackroad.io # For prod: https://api.blackroad.io # ========================================== # Database (if applicable) # ========================================== # DATABASE_URL= # PostgreSQL connection string # Local example: postgresql://user:password@localhost:5432/dbname # NEVER commit production database URLs! # ========================================== # Authentication & Security # ========================================== # JWT_SECRET= # Secret for signing JWT tokens # NEVER commit this! Generate with: openssl rand -base64 32 # NEXTAUTH_SECRET= # For Next.js apps using NextAuth # NEVER commit this! Generate with: openssl rand -base64 32 # NEXTAUTH_URL=http://localhost:3000 # Full URL of your app (for auth callbacks) # SESSION_MAX_AGE=86400 # Session duration in seconds (default: 24 hours) # ========================================== # Logging & Monitoring # ========================================== LOG_LEVEL=info # Options: debug, info, warn, error # SENTRY_DSN= # Sentry error tracking DSN # Store in provider secrets manager # NEXT_PUBLIC_SENTRY_DSN= # Client-side Sentry DSN (safe to expose) # ========================================== # Analytics (if applicable) # ========================================== # NEXT_PUBLIC_ANALYTICS_ID= # Google Analytics, Plausible, or other analytics ID # ========================================== # Worker Configuration (for operator/background services) # ========================================== # WORKER_CONCURRENCY=5 # Number of concurrent workers # WORKER_INTERVAL_SECONDS=60 # Polling interval for background tasks # WORKER_BATCH_SIZE=10 # Number of tasks to process per batch # ========================================== # API Configuration # ========================================== # REQUEST_TIMEOUT_MS=30000 # Timeout for API requests in milliseconds # RATE_LIMIT_MAX=100 # Maximum requests per rate limit window # RATE_LIMIT_WINDOW_MS=60000 # Rate limit window in milliseconds # ========================================== # Feature Flags # ========================================== # ENABLE_METRICS=true # Enable Prometheus metrics export # ENABLE_DEBUG_ENDPOINTS=false # Enable debug/admin endpoints (NEVER in production!) # ========================================== # Third-Party Services # ========================================== # STRIPE_API_KEY= # Stripe API key (if using payments) # NEVER commit this! Store in provider secrets # SENDGRID_API_KEY= # SendGrid API key (if using email) # NEVER commit this! Store in provider secrets # ========================================== # Next.js Specific (if applicable) # ========================================== # NEXT_PUBLIC_ENV=local # Public environment name (safe to expose to client) # REVALIDATE_SECONDS=60 # ISR revalidation interval # ========================================== # Build Configuration # ========================================== # Build-time environment variables go here # These are embedded in the build output # ========================================== # Notes # ========================================== # 1. Copy this file to .env.local for local development # 2. Fill in actual values (especially secrets) # 3. NEVER commit .env.local to version control # 4. For staging/production, set variables in Railway/Vercel dashboard # 5. Rotate secrets regularly # 6. Use strong, randomly generated secrets # 7. Different secrets for each environment # 8. Document any new variables you add