2026-05-21 19:18:08 +02:00
|
|
|
# ─── Port Nimara CRM env template ─────────────────────────────────────────────
|
|
|
|
|
#
|
|
|
|
|
# This file documents every env var the CRM understands. Most integration
|
|
|
|
|
# settings have been moved into the per-port admin UI (see
|
|
|
|
|
# `docs/superpowers/specs/2026-05-15-env-to-admin-migration-design.md`):
|
|
|
|
|
#
|
|
|
|
|
# /admin/documenso — Documenso API URL, key, version, webhook secret,
|
|
|
|
|
# signers, templates
|
|
|
|
|
# /admin/ai — OpenAI API key + model + master switch
|
|
|
|
|
# /admin/email — SMTP host/port/user/pass, from-address
|
|
|
|
|
# /admin/storage — S3/MinIO endpoint, bucket, access key, secret key
|
|
|
|
|
#
|
|
|
|
|
# After a fresh deploy:
|
|
|
|
|
# 1. Set the REQUIRED block below (DB/Redis/auth secrets/encryption key).
|
|
|
|
|
# 2. Boot the app and run `/setup` to create the first super-admin.
|
|
|
|
|
# 3. Open `/admin/<integration>` and configure each one. Each field shows
|
|
|
|
|
# a "Using env fallback" badge if it's still inheriting from env, plus
|
|
|
|
|
# a "Copy from env" button for one-click migration into the DB.
|
|
|
|
|
#
|
|
|
|
|
# The COMMENTED env vars in the OPTIONAL block below still work as a runtime
|
|
|
|
|
# fallback if you set them — useful for staging / dev to bootstrap quickly,
|
|
|
|
|
# or for backward compatibility with older deployments. New ports inherit
|
|
|
|
|
# from these as their initial defaults until the admin UI overrides them.
|
|
|
|
|
#
|
|
|
|
|
# ─── REQUIRED (boot-time secrets — must be in env) ────────────────────────────
|
|
|
|
|
|
Initial commit: Port Nimara CRM (Layers 0-4)
Full CRM rebuild with Next.js 15, TypeScript, Tailwind, Drizzle ORM,
PostgreSQL, Redis, BullMQ, MinIO, and Socket.io. Includes 461 source
files covering clients, berths, interests/pipeline, documents/EOI,
expenses/invoices, email, notifications, dashboard, admin, and
client portal. CI/CD via Gitea Actions with Docker builds.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 11:52:51 +01:00
|
|
|
# Database
|
|
|
|
|
DATABASE_URL=postgresql://crm:changeme@localhost:5432/port_nimara_crm
|
|
|
|
|
|
2026-05-21 19:18:08 +02:00
|
|
|
# Redis (BullMQ + Socket.IO adapter)
|
Initial commit: Port Nimara CRM (Layers 0-4)
Full CRM rebuild with Next.js 15, TypeScript, Tailwind, Drizzle ORM,
PostgreSQL, Redis, BullMQ, MinIO, and Socket.io. Includes 461 source
files covering clients, berths, interests/pipeline, documents/EOI,
expenses/invoices, email, notifications, dashboard, admin, and
client portal. CI/CD via Gitea Actions with Docker builds.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 11:52:51 +01:00
|
|
|
REDIS_URL=redis://:changeme@localhost:6379
|
|
|
|
|
|
2026-05-21 19:18:08 +02:00
|
|
|
# Auth (must be 32+ char random strings; rotate carefully)
|
Initial commit: Port Nimara CRM (Layers 0-4)
Full CRM rebuild with Next.js 15, TypeScript, Tailwind, Drizzle ORM,
PostgreSQL, Redis, BullMQ, MinIO, and Socket.io. Includes 461 source
files covering clients, berths, interests/pipeline, documents/EOI,
expenses/invoices, email, notifications, dashboard, admin, and
client portal. CI/CD via Gitea Actions with Docker builds.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 11:52:51 +01:00
|
|
|
BETTER_AUTH_SECRET=change-me-to-a-random-string-at-least-32-chars
|
|
|
|
|
BETTER_AUTH_URL=http://localhost:3000
|
|
|
|
|
CSRF_SECRET=change-me-to-a-random-string-at-least-32-chars
|
|
|
|
|
|
2026-05-21 19:18:08 +02:00
|
|
|
# AES-256 key for credential encryption at rest. 64-char hex string.
|
|
|
|
|
# Generate with: openssl rand -hex 32
|
|
|
|
|
# CRITICAL: rotating this orphans every encrypted credential in system_settings
|
|
|
|
|
# (Documenso API key, SMTP password, OpenAI key, S3 access/secret keys).
|
|
|
|
|
# Plan a re-keying flow before rotating in production.
|
Initial commit: Port Nimara CRM (Layers 0-4)
Full CRM rebuild with Next.js 15, TypeScript, Tailwind, Drizzle ORM,
PostgreSQL, Redis, BullMQ, MinIO, and Socket.io. Includes 461 source
files covering clients, berths, interests/pipeline, documents/EOI,
expenses/invoices, email, notifications, dashboard, admin, and
client portal. CI/CD via Gitea Actions with Docker builds.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 11:52:51 +01:00
|
|
|
EMAIL_CREDENTIAL_KEY=0000000000000000000000000000000000000000000000000000000000000000
|
|
|
|
|
|
2026-05-21 19:18:08 +02:00
|
|
|
# App URL — used by middleware redirects + outbound email link construction.
|
|
|
|
|
APP_URL=http://localhost:3000
|
Initial commit: Port Nimara CRM (Layers 0-4)
Full CRM rebuild with Next.js 15, TypeScript, Tailwind, Drizzle ORM,
PostgreSQL, Redis, BullMQ, MinIO, and Socket.io. Includes 461 source
files covering clients, berths, interests/pipeline, documents/EOI,
expenses/invoices, email, notifications, dashboard, admin, and
client portal. CI/CD via Gitea Actions with Docker builds.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 11:52:51 +01:00
|
|
|
|
2026-05-21 19:18:08 +02:00
|
|
|
# Inlined into the client JS bundle at build time. Must match APP_URL.
|
|
|
|
|
NEXT_PUBLIC_APP_URL=http://localhost:3000
|
Initial commit: Port Nimara CRM (Layers 0-4)
Full CRM rebuild with Next.js 15, TypeScript, Tailwind, Drizzle ORM,
PostgreSQL, Redis, BullMQ, MinIO, and Socket.io. Includes 461 source
files covering clients, berths, interests/pipeline, documents/EOI,
expenses/invoices, email, notifications, dashboard, admin, and
client portal. CI/CD via Gitea Actions with Docker builds.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 11:52:51 +01:00
|
|
|
|
2026-05-21 19:18:08 +02:00
|
|
|
# Process basics
|
Initial commit: Port Nimara CRM (Layers 0-4)
Full CRM rebuild with Next.js 15, TypeScript, Tailwind, Drizzle ORM,
PostgreSQL, Redis, BullMQ, MinIO, and Socket.io. Includes 461 source
files covering clients, berths, interests/pipeline, documents/EOI,
expenses/invoices, email, notifications, dashboard, admin, and
client portal. CI/CD via Gitea Actions with Docker builds.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 11:52:51 +01:00
|
|
|
NODE_ENV=development
|
|
|
|
|
LOG_LEVEL=info
|
|
|
|
|
|
2026-05-21 19:18:08 +02:00
|
|
|
# When true, the filesystem storage backend refuses to start. Multi-node
|
|
|
|
|
# deploys MUST use the s3-compatible backend (per CLAUDE.md).
|
|
|
|
|
# MULTI_NODE_DEPLOYMENT=false
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# ─── OPTIONAL: integration env fallbacks ──────────────────────────────────────
|
|
|
|
|
# Each of the following is configurable in the admin UI. Uncomment + set ANY
|
|
|
|
|
# of these to provide a fallback that ports inherit when their admin field is
|
|
|
|
|
# blank. The admin UI labels each inherited field with a "Using env fallback"
|
|
|
|
|
# badge and offers a "Copy from env" button for one-click migration into the
|
|
|
|
|
# port-scoped DB row.
|
|
|
|
|
|
|
|
|
|
# ─ Documenso (admin: /admin/documenso) ─
|
|
|
|
|
# DOCUMENSO_API_URL=https://documenso.example.com # Bare host. Never include /api/v1.
|
|
|
|
|
# DOCUMENSO_API_KEY=your-documenso-api-key # AES-encrypted once written via admin
|
|
|
|
|
# DOCUMENSO_API_VERSION=v1 # v1 (1.13.x) or v2 (2.x)
|
|
|
|
|
# DOCUMENSO_WEBHOOK_SECRET= # Min 16 chars. Generate: openssl rand -hex 16
|
|
|
|
|
# DOCUMENSO_TEMPLATE_ID_EOI=
|
|
|
|
|
# DOCUMENSO_CLIENT_RECIPIENT_ID=
|
|
|
|
|
# DOCUMENSO_DEVELOPER_RECIPIENT_ID=
|
|
|
|
|
# DOCUMENSO_APPROVAL_RECIPIENT_ID=
|
|
|
|
|
|
|
|
|
|
# ─ Email / SMTP (admin: /admin/email) ─
|
|
|
|
|
# SMTP_HOST=mail.portnimara.com
|
|
|
|
|
# SMTP_PORT=587
|
|
|
|
|
# SMTP_USER=
|
|
|
|
|
# SMTP_PASS= # AES-encrypted once written via admin
|
|
|
|
|
# SMTP_FROM= # e.g. "Port Nimara <noreply@example.com>"
|
|
|
|
|
|
|
|
|
|
# Dev/test safety net: when set, every outbound email is rerouted to this
|
|
|
|
|
# address regardless of recipient. Subject is prefixed with [redirected from <orig>].
|
|
|
|
|
# CRITICAL: env validation refuses boot if NODE_ENV=production AND this is set.
|
|
|
|
|
# EMAIL_REDIRECT_TO=
|
|
|
|
|
|
|
|
|
|
# ─ Storage / S3 / MinIO (admin: /admin/storage) ─
|
|
|
|
|
# MINIO_ENDPOINT=localhost
|
|
|
|
|
# MINIO_PORT=9000
|
|
|
|
|
# MINIO_ACCESS_KEY= # AES-encrypted once written via admin
|
|
|
|
|
# MINIO_SECRET_KEY= # AES-encrypted (already)
|
|
|
|
|
# MINIO_BUCKET=crm-files
|
|
|
|
|
# MINIO_USE_SSL=false
|
|
|
|
|
# MINIO_AUTO_CREATE_BUCKET=false # Auto-create bucket at boot
|
|
|
|
|
|
|
|
|
|
# ─ OpenAI (admin: /admin/ai) ─
|
|
|
|
|
# OPENAI_API_KEY= # AES-encrypted once written via admin
|
|
|
|
|
|
|
|
|
|
# ─ Public marketing site URL (admin: /admin/general — TODO) ─
|
|
|
|
|
# PUBLIC_SITE_URL=https://portnimara.com
|
|
|
|
|
|
|
|
|
|
# ─ Webhook intake from marketing site (deployment-shared, env-only) ─
|
|
|
|
|
# Shared secret with the marketing website's CRM_INTAKE_SECRET. Min 16 chars.
|
|
|
|
|
# WEBSITE_INTAKE_SECRET=
|
|
|
|
|
|
|
|
|
|
# ─ Sentry (optional — when unset the SDK is a no-op) ─
|
|
|
|
|
# NEXT_PUBLIC_SENTRY_DSN=
|
|
|
|
|
# SENTRY_ENVIRONMENT=
|
|
|
|
|
# SENTRY_TRACES_SAMPLE_RATE=0.1
|
|
|
|
|
|
|
|
|
|
# ─ Google OAuth (not currently used) ─
|
|
|
|
|
# GOOGLE_CLIENT_ID=
|
|
|
|
|
# GOOGLE_CLIENT_SECRET=
|
