-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy path.env.example
More file actions
99 lines (82 loc) · 3.46 KB
/
.env.example
File metadata and controls
99 lines (82 loc) · 3.46 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
# Flow Environment Variables Template
# ==========================================
# SECURITY WARNING
# ==========================================
# This file contains EXAMPLE values only
# Copy this file to .env and replace with your actual values
# NEVER commit the .env file to version control!
# If credentials have been exposed, rotate them immediately
# ==========================================
# Frontend Configuration (VITE_ prefix)
# ==========================================
# Deepgram API Key - Speech-to-Text
# Get yours at: https://console.deepgram.com/
VITE_DEEPGRAM_API_KEY=your_deepgram_api_key_here
# Google Gemini API Key - Image Generation & Orchestration
# Get yours at: https://console.cloud.google.com/apis/credentials
VITE_GEMINI_API_KEY=your_gemini_api_key_here
# Marble API Configuration - 3D Gaussian Splat Conversion
# Get yours at: https://www.theworldlabs.com/
VITE_MARBLE_API_KEY=your_marble_api_key_here
VITE_MARBLE_API_URL=https://api.theworldlabs.com/v1/marble/convert
# Marble Proxy URL (optional - for local proxy server)
VITE_MARBLE_PROXY_URL=http://localhost:3001/api/marble/convert
# Firebase Configuration - Client-side (VITE_ prefix required)
VITE_FIREBASE_API_KEY=your_firebase_api_key_here
VITE_FIREBASE_AUTH_DOMAIN=your-app.firebaseapp.com
VITE_FIREBASE_PROJECT_ID=your-project-id
# ==========================================
# Backend Configuration
# ==========================================
# MongoDB Atlas
# Format: mongodb+srv://username:password@cluster.mongodb.net/dbname?retryWrites=true&w=majority
MONGODB_URI=your_mongodb_connection_string_here
# Firebase Admin (Server-side)
FIREBASE_PROJECT_ID=your-project-id
# Service account JSON - keep this secure!
# FIREBASE_SERVICE_ACCOUNT={"type":"service_account","project_id":"..."}
# Storage Configuration (Choose one)
# Option 1: Vercel Blob Storage (Recommended)
# Get your token from: https://vercel.com/dashboard/stores
BLOB_READ_WRITE_TOKEN=vercel_blob_rw_xxxxxxxxxx
# Option 2: Vultr Object Storage (Legacy)
# VULTR_STORAGE_HOSTNAME=ewr1.vultrobjects.com
# VULTR_STORAGE_ACCESS_KEY=your_access_key
# VULTR_STORAGE_SECRET_KEY=your_secret_key
# VULTR_STORAGE_BUCKET=your-bucket
# ElevenLabs API Configuration - Voice Generation
ELEVENLABS_API_KEY=your_elevenlabs_key_here
ELEVENLABS_VOICE_ID=voice_id_here
# Stripe Payment Processing
STRIPE_SECRET_KEY=sk_test_xxxxxxxxxx
STRIPE_WEBHOOK_SECRET=whsec_xxxxxxxxxx
# Admin Configuration
# Comma-separated list of admin email addresses
ADMIN_EMAILS=admin@example.com
# ==========================================
# Server Configuration
# ==========================================
PORT=3001
NODE_ENV=development
# ==========================================
# Security Best Practices
# ==========================================
# 1. Generate strong random values for production
# 2. Use different credentials for dev/staging/prod
# 3. Enable 2FA on all service accounts
# 4. Regularly rotate credentials
# 5. Monitor for unauthorized access
# 6. Use secret management services in production:
# - AWS Secrets Manager
# - Google Secret Manager
# - HashiCorp Vault
# - Azure Key Vault
# 7. Never log or expose credentials in error messages
# 8. Set up audit logging for credential access
# ==========================================
# Generating Secure Random Values
# ==========================================
# Use this command to generate secure random strings:
# openssl rand -base64 32
# Or in Node.js:
# require('crypto').randomBytes(32).toString('base64')